clean cors
This commit is contained in:
47
apxtri.js
47
apxtri.js
@@ -175,21 +175,38 @@ app.disable("x-powered-by"); // for security
|
|||||||
app.locals.tribeids = tribeIds;
|
app.locals.tribeids = tribeIds;
|
||||||
if (log) console.log(currentmod, " app.locals.tribeids", app.locals.tribeids);
|
if (log) console.log(currentmod, " app.locals.tribeids", app.locals.tribeids);
|
||||||
// Cors management
|
// Cors management
|
||||||
if (log) {
|
let originlst = "test";
|
||||||
app.use((req, res, next) => {
|
|
||||||
console.log(currentmod, "request origin:", req.headers.origin);
|
|
||||||
console.log(currentmod, "req.headers:", req.headers);
|
|
||||||
next();
|
|
||||||
});
|
|
||||||
}
|
|
||||||
let origlist = [undefined];
|
|
||||||
doms.forEach((d) => {
|
doms.forEach((d) => {
|
||||||
origlist.push(new RegExp(`^http.?:\/\/${d.replace(/\./g, "\\.")}`));
|
originlst += `|${d.replace(/\./g, "\\.")}`;
|
||||||
|
});
|
||||||
|
const regtxt = `^http.?:\/\/(${originlst})`;
|
||||||
|
let cor = false;
|
||||||
|
console.log(regtxt);
|
||||||
|
const regorigin = new RegExp(regtxt);
|
||||||
|
app.use((req, res, next) => {
|
||||||
|
if (req.headers.origin == undefined) {
|
||||||
|
cor = true;
|
||||||
|
} else {
|
||||||
|
cor = regorigin.test(req.headers.origin);
|
||||||
|
}
|
||||||
|
if (log)
|
||||||
|
console.log(
|
||||||
|
currentmod,
|
||||||
|
"request origin:",
|
||||||
|
req.headers.origin,
|
||||||
|
"testcors:",
|
||||||
|
cor, "headers allowed: [", conf.api.exposedHeaders.join(','),"]"
|
||||||
|
);
|
||||||
|
cors({
|
||||||
|
origin: cor,
|
||||||
|
allowedHeaders: conf.api.exposedHeaders,
|
||||||
|
exposedHeaders: conf.api.exposedHeaders,
|
||||||
|
credentials: true,
|
||||||
|
preflightContinue: false,
|
||||||
|
optionsSuccessStatus: 204
|
||||||
|
});
|
||||||
|
next();
|
||||||
});
|
});
|
||||||
if (log) console.log(currentmod, "List of white cors origin", origlist);
|
|
||||||
// CORS
|
|
||||||
//app.use(cors(corsOptions));
|
|
||||||
app.use(cors({ origin: origlist }));
|
|
||||||
|
|
||||||
// Routers add any routes from /routes and /plugins
|
// Routers add any routes from /routes and /plugins
|
||||||
let logroute = "Routes available on this apxtri instance: \n";
|
let logroute = "Routes available on this apxtri instance: \n";
|
||||||
@@ -211,9 +228,9 @@ if (log) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
app.listen(conf.api.port, () => {
|
app.listen(conf.api.port, () => {
|
||||||
let webaccess = `api waits request on `;
|
let webaccess = `api waits request on port:${conf.api.port} for`;
|
||||||
conf.dns.forEach((u) => {
|
conf.dns.forEach((u) => {
|
||||||
webaccess += `http://${u}:${conf.api.port} `;
|
webaccess += `${u}/api/ `;
|
||||||
});
|
});
|
||||||
if (log) console.log(currentmod, webaccess);
|
if (log) console.log(currentmod, webaccess);
|
||||||
});
|
});
|
||||||
|
|||||||
Reference in New Issue
Block a user