From 49d429dd60f9e6186d2269968e601f154ffdb932 Mon Sep 17 00:00:00 2001
From: Jack Tench <gnjack@gmail.com>
Date: Fri, 14 Jul 2017 13:22:53 +0100
Subject: [PATCH] Do not send Access-Control-Max-Age header if corsMaxAge is 0
 (default)

---
 README.md            | 3 +--
 lib/cors-anywhere.js | 2 +-
 test/test.js         | 6 +-----
 3 files changed, 3 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index 6cfff53..b264190 100644
--- a/README.md
+++ b/README.md
@@ -107,8 +107,7 @@ proxy requests. The following options are supported:
   Example: `["cookie"]`
 * dictionary of lowercase strings `setHeaders` - Set headers for the request (overwrites existing ones).  
   Example: `{"x-powered-by": "CORS Anywhere"}`
-* number `corsMaxAge` - If set, an Access-Control-Max-Age request header with this value (in seconds) will be added.
-  Defaults to 0.  
+* number `corsMaxAge` - If set, an Access-Control-Max-Age request header with this value (in seconds) will be added.  
   Example: `600` - Allow CORS preflight request to be cached by the browser for 10 minutes.
 * string `helpFile` - Set the help file (shown at the homepage).  
   Example: `"myCustomHelpText.txt"`
diff --git a/lib/cors-anywhere.js b/lib/cors-anywhere.js
index ccdc8ed..e4c722a 100644
--- a/lib/cors-anywhere.js
+++ b/lib/cors-anywhere.js
@@ -53,7 +53,7 @@ function isValidHostName(hostname) {
 function withCORS(headers, request) {
   headers['access-control-allow-origin'] = '*';
   var corsMaxAge = request.corsAnywhereRequestState.corsMaxAge;
-  if (corsMaxAge != null) {
+  if (corsMaxAge) {
     headers['access-control-max-age'] = corsMaxAge;
   }
   if (request.headers['access-control-request-method']) {
diff --git a/test/test.js b/test/test.js
index c2a3f69..8ea2870 100644
--- a/test/test.js
+++ b/test/test.js
@@ -50,7 +50,6 @@ describe('Basic functionality', function() {
       .get('/')
       .type('text/plain')
       .expect('Access-Control-Allow-Origin', '*')
-      .expect('Access-Control-Max-Age', '0')
       .expect(200, helpText, done);
   });
 
@@ -92,7 +91,6 @@ describe('Basic functionality', function() {
     request(cors_anywhere)
       .get('/example.com')
       .expect('Access-Control-Allow-Origin', '*')
-      .expect('Access-Control-Max-Age', '0')
       .expect('x-request-url', 'http://example.com/')
       .expect(200, 'Response from example.com', done);
   });
@@ -841,9 +839,7 @@ describe('Access-Control-Max-Age set', function() {
 
 describe('Access-Control-Max-Age not set', function() {
   before(function() {
-    cors_anywhere = createServer({
-      corsMaxAge: null,
-    });
+    cors_anywhere = createServer();
     cors_anywhere_port = cors_anywhere.listen(0).address().port;
   });
   after(stopServer);