Serving static files in connectjs with 'Access-Control-Allow-Origin' set to '*'

I'm using Connect.js to serve my static files in a Node.js 开发者_如何学JAVAapplication; however, I want to be able to make GET requests to those static files from multiple origins, so I'd like to be able to set 'Access-Control-Allow-Origin' : '*' in the response header for these static files.

My question is, how would I go about doing this with Connect? Here's my server so far:

var connect = require('connect');
var server = connect(
    connect.static(__dirname + '/public')
);
server.listen(8080); 

Access-Control-Allow-Origin only applies to ajax requests, generally speaking. When you're serving static files, you don't need to worry about that particular header. Anyone can request those files, regardless of origin, in the default configuration.

You run into issues when you serve a regular page, and then you want to request via javascript FROM that page. Then you need to set your Access-Control-Allow-Origin policy to allow ajax requests to other domains from that particular page.

Further, you most often run into this when attempting to access a web service. Its very common to use JSONP in those cases, instead of using that particular header. Especially not * since it introduces security risks. See http://www.ibm.com/developerworks/library/wa-aj-jsonp1/ and http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/

MDN resource: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

Josh