From 7f42fa0b020cca9774afadc57d1f69a15dffd145 Mon Sep 17 00:00:00 2001
From: philc <phc@ndda.fr>
Date: Fri, 27 Feb 2026 06:56:27 +0100
Subject: [PATCH] modif cors to allow /

---
 apxtri/apxtri.js               | 4 ++--
 apxtri/setup/initadminapi.json | 4 +++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/apxtri/apxtri.js b/apxtri/apxtri.js
index 8ec72fd..92f416d 100755
--- a/apxtri/apxtri.js
+++ b/apxtri/apxtri.js
@@ -335,7 +335,7 @@ apxtri.runexpress = async (tribesdns, conf) => {
         return callback(null, true);
       }
       
-      if (regorigin.test(origin) || allowedOrigins.includes(origin)) {
+      if (regorigin.test(origin) || allowedOrigins.includes(origin) || allowedOrigins.includes(origin.replace(/\/$/, ''))) {
         return callback(null, true);
       } else {
         console.log(
@@ -353,7 +353,7 @@ apxtri.runexpress = async (tribesdns, conf) => {
 
   app.use((req, res, next) => {
     const origin = req.headers.origin;
-    if (origin && !regorigin.test(origin) && !allowedOrigins.includes(origin)) {
+    if (origin && !regorigin.test(origin) && !allowedOrigins.includes(origin) && !allowedOrigins.includes(origin.replace(/\/$/, ''))) {
       console.log(`CORS blocked: ${origin}`);
       return res.status(403).json({ error: 'CORS not allowed', origin });
     }
diff --git a/apxtri/setup/initadminapi.json b/apxtri/setup/initadminapi.json
index 38c53d7..21c8041 100644
--- a/apxtri/setup/initadminapi.json
+++ b/apxtri/setup/initadminapi.json
@@ -22,7 +22,9 @@
             "xlang",
             "xtribe",
             "xapp",
-            "xuuid"
+            "xuuid",
+            "xprofils",
+            "xtrkversion"
         ],
         "appset": {
             "trust proxy": true