perf: reduce bundle size by another 100 bytes

Author: SukkaW

README.md

@@ -1,6 +1,6 @@
 # cors-edge
 
-You are writing a very simple functions that runs on edge (either on Cloudflare Workers, Fastly Edge Compute, Vercel Edge Functions, etc.) consisting of less than 100 lines of code. You want to enable CORS (Cross-Origin Resource Sharing) for your endpoint but you do not want to pull in a heavy framework with middlewares just for that. This platform-agnostic package provides a simple way to add CORS support with minimal footprint (with only `1.3 KiB` added to your bundle).
+You are writing a very simple functions that runs on edge (either on Cloudflare Workers, Fastly Edge Compute, Vercel Edge Functions, etc.) consisting of less than 100 lines of code. You want to enable CORS (Cross-Origin Resource Sharing) for your endpoint but you do not want to pull in a heavy framework with middlewares just for that. This platform-agnostic package provides a simple way to add CORS support with minimal footprint (with only `1.19 KiB` added to your bundle).
 
 ## Installation
 

src/index.ts

@@ -20,7 +20,14 @@ const defaults: CorsOptions = {
 };
 
 const ACCESS_CONTROL_PREFIX = 'Access-Control-';
+const ALLOW_PREFIX = 'Allow-';
 const VARY = 'Vary';
+const ORIGIN = 'Origin';
+const HEADERS = 'Headers';
+
+function setHeader(response: Response, name: string, value: string) {
+  return response.headers.set(name, value);
+}
 
 /**
  * A very simple CORS implementation for using in simple serverless workers
@@ -73,55 +80,50 @@ export function createCors(options?: CorsOptions) {
   const shouldVaryIncludeOrigin = optsOrigin !== '*';
 
   return async function simpleCors(request: Request, response: Response): Promise<Response> {
-    const originHeaderValue = request.headers.get('Origin') || '';
+    const originHeaderValue = request.headers.get(ORIGIN) || '';
     let allowOrigin = findAllowOrigin(originHeaderValue);
     if (allowOrigin && typeof allowOrigin === 'object' && 'then' in allowOrigin) {
       allowOrigin = await allowOrigin;
     }
     if (allowOrigin) {
-      response.headers.set(ACCESS_CONTROL_PREFIX + 'Allow-Origin', allowOrigin);
+      setHeader(response, ACCESS_CONTROL_PREFIX + ALLOW_PREFIX + ORIGIN, allowOrigin);
     }
     // Suppose the server sends a response with an Access-Control-Allow-Origin value with an explicit origin (rather than the "*" wildcard).
     // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
     if (shouldVaryIncludeOrigin) {
-      const existingVary = request.headers.get(VARY);
-
-      if (existingVary) {
-        response.headers.set(VARY, existingVary);
-      } else {
-        response.headers.set(VARY, 'Origin');
-      }
+      setHeader(response, VARY, request.headers.get(VARY) /** existing Vary */ || ORIGIN);
     }
     if (opts.credentials) {
-      response.headers.set(ACCESS_CONTROL_PREFIX + 'Allow-Credentials', 'true');
+      setHeader(response, ACCESS_CONTROL_PREFIX + ALLOW_PREFIX + 'Credentials', 'true');
     }
     if (opts.exposeHeaders?.length) {
-      response.headers.set(ACCESS_CONTROL_PREFIX + 'Expose-Headers', fastStringArrayJoin(opts.exposeHeaders, ','));
+      setHeader(response, ACCESS_CONTROL_PREFIX + 'Expose-' + HEADERS, fastStringArrayJoin(opts.exposeHeaders, ','));
     }
 
     let allowMethods = findAllowMethods(originHeaderValue);
     if ('then' in allowMethods) {
       allowMethods = await allowMethods;
     }
     if (allowMethods.length) {
-      response.headers.set(ACCESS_CONTROL_PREFIX + 'Allow-Methods', fastStringArrayJoin(allowMethods, ','));
+      setHeader(response, ACCESS_CONTROL_PREFIX + ALLOW_PREFIX + 'Methods', fastStringArrayJoin(allowMethods, ','));
     }
 
     if (request.method === 'OPTIONS') {
       if (opts.maxAge != null) {
-        response.headers.set(ACCESS_CONTROL_PREFIX + 'Max-Age', opts.maxAge.toString());
+        setHeader(response, ACCESS_CONTROL_PREFIX + 'Max-Age', '' + opts.maxAge);
       }
 
       let headers = opts.allowHeaders;
+      const ACCESS_CONTROL_REQUEST_HEADERS = ACCESS_CONTROL_PREFIX + 'Request-' + HEADERS;
       if (!headers?.length) {
-        const requestHeaders = request.headers.get(ACCESS_CONTROL_PREFIX + 'Request-Headers');
+        const requestHeaders = request.headers.get(ACCESS_CONTROL_REQUEST_HEADERS);
         if (requestHeaders) {
           headers = requestHeaders.split(/\s*,\s*/);
         }
       }
       if (headers?.length) {
-        response.headers.set(ACCESS_CONTROL_PREFIX + 'Allow-Headers', fastStringArrayJoin(headers, ','));
-        response.headers.append(VARY, ACCESS_CONTROL_PREFIX + 'Request-Headers');
+        setHeader(response, ACCESS_CONTROL_PREFIX + ALLOW_PREFIX + HEADERS, fastStringArrayJoin(headers, ','));
+        response.headers.append(VARY, ACCESS_CONTROL_REQUEST_HEADERS);
       }
 
       // return new Response(null, {