perf: reduce bundle size by 110 bytes

Author: SukkaW

README.md

@@ -1,6 +1,6 @@
 # cors-edge
 
-You are writing a very simple functions that runs on edge (either on Cloudflare Workers, Fastly Edge Compute, Vercel Edge Functions, etc.) consisting of less than 100 lines of code. You want to enable CORS (Cross-Origin Resource Sharing) for your endpoint but you do not want to pull in a heavy framework with middlewares just for that. This platform-agnostic package provides a simple way to add CORS support with minimal footprint (with only `1.4 KiB` added to your bundle).
+You are writing a very simple functions that runs on edge (either on Cloudflare Workers, Fastly Edge Compute, Vercel Edge Functions, etc.) consisting of less than 100 lines of code. You want to enable CORS (Cross-Origin Resource Sharing) for your endpoint but you do not want to pull in a heavy framework with middlewares just for that. This platform-agnostic package provides a simple way to add CORS support with minimal footprint (with only `1.3 KiB` added to your bundle).
 
 ## Installation
 

src/index.ts

@@ -19,6 +19,9 @@ const defaults: CorsOptions = {
   exposeHeaders: []
 };
 
+const ACCESS_CONTROL_PREFIX = 'Access-Control-';
+const VARY = 'Vary';
+
 /**
  * A very simple CORS implementation for using in simple serverless workers
  *
@@ -70,54 +73,55 @@ export function createCors(options?: CorsOptions) {
   const shouldVaryIncludeOrigin = optsOrigin !== '*';
 
   return async function simpleCors(request: Request, response: Response): Promise<Response> {
-    let allowOrigin = findAllowOrigin(request.headers.get('Origin') || '');
+    const originHeaderValue = request.headers.get('Origin') || '';
+    let allowOrigin = findAllowOrigin(originHeaderValue);
     if (allowOrigin && typeof allowOrigin === 'object' && 'then' in allowOrigin) {
       allowOrigin = await allowOrigin;
     }
     if (allowOrigin) {
-      response.headers.set('Access-Control-Allow-Origin', allowOrigin);
+      response.headers.set(ACCESS_CONTROL_PREFIX + 'Allow-Origin', allowOrigin);
     }
     // Suppose the server sends a response with an Access-Control-Allow-Origin value with an explicit origin (rather than the "*" wildcard).
     // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
     if (shouldVaryIncludeOrigin) {
-      const existingVary = request.headers.get('Vary');
+      const existingVary = request.headers.get(VARY);
 
       if (existingVary) {
-        response.headers.set('Vary', existingVary);
+        response.headers.set(VARY, existingVary);
       } else {
-        response.headers.set('Vary', 'Origin');
+        response.headers.set(VARY, 'Origin');
       }
     }
     if (opts.credentials) {
-      response.headers.set('Access-Control-Allow-Credentials', 'true');
+      response.headers.set(ACCESS_CONTROL_PREFIX + 'Allow-Credentials', 'true');
     }
     if (opts.exposeHeaders?.length) {
-      response.headers.set('Access-Control-Expose-Headers', fastStringArrayJoin(opts.exposeHeaders, ','));
+      response.headers.set(ACCESS_CONTROL_PREFIX + 'Expose-Headers', fastStringArrayJoin(opts.exposeHeaders, ','));
     }
 
-    let allowMethods = findAllowMethods(request.headers.get('origin') || '');
+    let allowMethods = findAllowMethods(originHeaderValue);
     if ('then' in allowMethods) {
       allowMethods = await allowMethods;
     }
     if (allowMethods.length) {
-      response.headers.set('Access-Control-Allow-Methods', fastStringArrayJoin(allowMethods, ','));
+      response.headers.set(ACCESS_CONTROL_PREFIX + 'Allow-Methods', fastStringArrayJoin(allowMethods, ','));
     }
 
     if (request.method === 'OPTIONS') {
       if (opts.maxAge != null) {
-        response.headers.set('Access-Control-Max-Age', opts.maxAge.toString());
+        response.headers.set(ACCESS_CONTROL_PREFIX + 'Max-Age', opts.maxAge.toString());
       }
 
       let headers = opts.allowHeaders;
       if (!headers?.length) {
-        const requestHeaders = request.headers.get('Access-Control-Request-Headers');
+        const requestHeaders = request.headers.get(ACCESS_CONTROL_PREFIX + 'Request-Headers');
         if (requestHeaders) {
           headers = requestHeaders.split(/\s*,\s*/);
         }
       }
       if (headers?.length) {
-        response.headers.set('Access-Control-Allow-Headers', fastStringArrayJoin(headers, ','));
-        response.headers.append('Vary', 'Access-Control-Request-Headers');
+        response.headers.set(ACCESS_CONTROL_PREFIX + 'Allow-Headers', fastStringArrayJoin(headers, ','));
+        response.headers.append(VARY, ACCESS_CONTROL_PREFIX + 'Request-Headers');
       }
 
       // return new Response(null, {