expressjs
Add ability to omit `Vary: Origin` header
Hello! Thank you to the authors and maintainers for this important package.
We have an issue where we would like the ability to conditionally omit Vary: Origin as a header. In our use case, we have specific routes for which the responses does not vary based on the requesting origin, e.g. a route for vending static image content.
Without this functionality, we are unable to use Cloudflare Polish^1, which only accepts Vary: Accept-Encoding^2, short of effectively rewriting all the cors code minus the Vary: Origin header.
Would this repository be able to add this functionality, or accept a patch to allow conditionally removing this header based on the requested routes?
Thank you again!
cc @UlisesGascon @troygoode @dougwilson
I have opened a PR that will close this issue. I tentatively set the package version to 2.9.0, because I believe this feature warrants a new minor version but does not warrant a new major version.
Apologies for the ping if you are no longer maintaining this package!
For anyone who encounters this:
It might be tedious, depending on how many routes you need to apply this to, but here's a function you can use to remove the Origin: Vary header after the cors middleware has been applied to your route.
export function removeVaryOriginHeader(res: Response) {
const varyHeader = res.getHeader('Vary')
if (typeof varyHeader === 'string' && varyHeader === 'Origin') {
res.removeHeader('Vary')
} else if (Array.isArray(varyHeader) && varyHeader.includes('Origin')) {
const updatedVaryHeader = varyHeader.filter((header) => header !== 'Origin')
res.setHeader('Vary', updatedVaryHeader)
}
}
I opened a discussion on Slack (https://openjs-foundation.slack.com/archives/C02QB1731FH/p1711971438045899), I want to collect more feedback on this.
Feel free to join us in slack. invitation link
