In my default web.js, for development I have some access control headers to facilitate our development environment:
httpHeaders : {
'X-Powered-By' : api.config.general.serverName,
'Access-Control-Allow-Origin' : 'http://localhost:3000',
'Access-Control-Allow-Methods': 'HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS, TRACE',
'Access-Control-Allow-Credentials': 'true', //
'Access-Control-Allow-Headers': 'Content-Type,X-Requested-With'
},
In production, i want to remove those headers, but keep the powered by header, so I set the Access-Control headers to null, thinking it would remove like shown in the padding example:
exports.production = {
servers: {
web: function(api){
return {
httpHeaders : {
'Access-Control-Allow-Origin' : null,
'Access-Control-Allow-Methods': null,
'Access-Control-Allow-Credentials': null,
'Access-Control-Allow-Headers': null
},
padding: null,
But instead Im getting null in the headers. Is there a way to remove these settings when overriding the merge of configs in production?