From 50b9b13c5dce1bb920f515648c803994e5d1a0e2 Mon Sep 17 00:00:00 2001
From: philc <phc@ndda.fr>
Date: Thu, 26 Feb 2026 14:31:16 +0100
Subject: [PATCH] allow port in cors

---
 apxtri/apxtri.js | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/apxtri/apxtri.js b/apxtri/apxtri.js
index fb997ed..eb8a065 100755
--- a/apxtri/apxtri.js
+++ b/apxtri/apxtri.js
@@ -322,13 +322,16 @@ apxtri.runexpress = async (tribesdns, conf) => {
   regtxt += ")$";
   //  let cor = false;whatwg-url
   const regorigin = new RegExp(regtxt);
+  const allowedOrigins = [
+    'http://dev.smatchit.io:8081',
+  ];
   app.use(cors({
     origin: function (origin, callback) {
       if (!origin) {
         return callback(null, true);
       }
       
-      if (regorigin.test(origin)) {
+      if (regorigin.test(origin) || allowedOrigins.includes(origin)) {
         return callback(null, true);
       } else {
         console.log(
@@ -346,7 +349,7 @@ apxtri.runexpress = async (tribesdns, conf) => {
 
   app.use((req, res, next) => {
     const origin = req.headers.origin;
-    if (origin && !regorigin.test(origin)) {
+    if (origin && !regorigin.test(origin) && !allowedOrigins.includes(origin)) {
       console.log(`CORS blocked: ${origin}`);
       return res.status(403).json({ error: 'CORS not allowed', origin });
     }