{"version":3,"file":"cors.cjs","names":["corsHeaders: CorsHeaders"],"sources":["../src/cors.ts"],"sourcesContent":["/**\n * Canonical CORS configuration for Supabase Edge Functions\n *\n * This module exports CORS headers that stay synchronized with the Supabase SDK.\n * When new headers are added to the SDK, they are automatically included here,\n * preventing CORS errors in Edge Functions.\n *\n * @example Basic usage\n * ```typescript\n * import { corsHeaders } from '@supabase/supabase-js/cors'\n *\n * Deno.serve(async (req) => {\n *   if (req.method === 'OPTIONS') {\n *     return new Response('ok', { headers: corsHeaders })\n *   }\n *\n *   return new Response(\n *     JSON.stringify({ data: 'Hello' }),\n *     { headers: { ...corsHeaders, 'Content-Type': 'application/json' } }\n *   )\n * })\n * ```\n *\n * @module cors\n */\n\n/**\n * All custom headers sent by the Supabase SDK.\n * These headers need to be included in CORS configuration to prevent preflight failures.\n *\n * Headers:\n * - authorization: Bearer token for authentication\n * - x-client-info: Library version information\n * - apikey: Project API key\n * - content-type: Standard HTTP content type\n * - x-retry-count: Retry attempt number sent by postgrest-js on retried requests\n */\nconst SUPABASE_HEADERS = [\n  'authorization',\n  'x-client-info',\n  'apikey',\n  'content-type',\n  'x-retry-count',\n].join(', ')\n\n/**\n * All HTTP methods used by the Supabase SDK\n */\nconst SUPABASE_METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'].join(', ')\n\n/**\n * Type representing CORS headers as a record of header names to values\n */\nexport type CorsHeaders = Record<string, string>\n\n/**\n * Default CORS headers for Supabase Edge Functions.\n *\n * Includes all headers sent by Supabase client libraries and allows all standard HTTP methods.\n * Use this for simple CORS configurations with wildcard origin.\n *\n * @example Basic usage\n * ```typescript\n * import { corsHeaders } from '@supabase/supabase-js/cors'\n *\n * Deno.serve(async (req) => {\n *   if (req.method === 'OPTIONS') {\n *     return new Response('ok', { headers: corsHeaders })\n *   }\n *\n *   return new Response(\n *     JSON.stringify({ data: 'Hello' }),\n *     { headers: { ...corsHeaders, 'Content-Type': 'application/json' } }\n *   )\n * })\n * ```\n *\n * @category Edge Functions\n */\nexport const corsHeaders: CorsHeaders = {\n  'Access-Control-Allow-Origin': '*',\n  'Access-Control-Allow-Headers': SUPABASE_HEADERS,\n  'Access-Control-Allow-Methods': SUPABASE_METHODS,\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCA,MAAM,mBAAmB;CACvB;CACA;CACA;CACA;CACA;CACD,CAAC,KAAK,KAAK;;;;AAKZ,MAAM,mBAAmB;CAAC;CAAO;CAAQ;CAAO;CAAS;CAAU;CAAU,CAAC,KAAK,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;AA+BxF,MAAaA,cAA2B;CACtC,+BAA+B;CAC/B,gCAAgC;CAChC,gCAAgC;CACjC"}