modif cors to allow /

2026-02-27 06:56:27 +01:00
parent 506201dd73
commit 7f42fa0b02
2 changed files with 5 additions and 3 deletions
--- a/apxtri/apxtri.js
+++ b/apxtri/apxtri.js
@@ -335,7 +335,7 @@ apxtri.runexpress = async (tribesdns, conf) => {
        return callback(null, true);
      }
      
-      if (regorigin.test(origin) || allowedOrigins.includes(origin)) {
+      if (regorigin.test(origin) || allowedOrigins.includes(origin) || allowedOrigins.includes(origin.replace(/\/$/, ''))) {
        return callback(null, true);
      } else {
        console.log(
@@ -353,7 +353,7 @@ apxtri.runexpress = async (tribesdns, conf) => {

  app.use((req, res, next) => {
    const origin = req.headers.origin;
-    if (origin && !regorigin.test(origin) && !allowedOrigins.includes(origin)) {
+    if (origin && !regorigin.test(origin) && !allowedOrigins.includes(origin) && !allowedOrigins.includes(origin.replace(/\/$/, ''))) {
      console.log(`CORS blocked: ${origin}`);
      return res.status(403).json({ error: 'CORS not allowed', origin });
    }
--- a/apxtri/setup/initadminapi.json
+++ b/apxtri/setup/initadminapi.json
@@ -22,7 +22,9 @@
            "xlang",
            "xtribe",
            "xapp",
-            "xuuid"
+            "xuuid",
+            "xprofils",
+            "xtrkversion"
        ],
        "appset": {
            "trust proxy": true