The comment is essentially saying that you can add this to any of your routes and you’re checking the incoming method from each request to see if it is one of the whitelisted HTTP methods, and if not, you’re going to return a 405 to let the user know that the method they’ve tried to hit is unsupported.
You could use a middleware to blanket this for all requests.
const allowedMethods = ['GET', 'HEAD', 'POST']
app.use((req, res, next) => {
if (!allowedMethods.includes(req.method)) return res.end(405, 'Method Not Allowed')
return next()
})
