forked from apxtri/apxtri
clean cors
This commit is contained in:
parent
c6b2484c45
commit
b838ab87f0
45
apxtri.js
45
apxtri.js
@ -175,21 +175,38 @@ app.disable("x-powered-by"); // for security
|
||||
app.locals.tribeids = tribeIds;
|
||||
if (log) console.log(currentmod, " app.locals.tribeids", app.locals.tribeids);
|
||||
// Cors management
|
||||
if (log) {
|
||||
let originlst = "test";
|
||||
doms.forEach((d) => {
|
||||
originlst += `|${d.replace(/\./g, "\\.")}`;
|
||||
});
|
||||
const regtxt = `^http.?:\/\/(${originlst})`;
|
||||
let cor = false;
|
||||
console.log(regtxt);
|
||||
const regorigin = new RegExp(regtxt);
|
||||
app.use((req, res, next) => {
|
||||
console.log(currentmod, "request origin:", req.headers.origin);
|
||||
console.log(currentmod, "req.headers:", req.headers);
|
||||
if (req.headers.origin == undefined) {
|
||||
cor = true;
|
||||
} else {
|
||||
cor = regorigin.test(req.headers.origin);
|
||||
}
|
||||
if (log)
|
||||
console.log(
|
||||
currentmod,
|
||||
"request origin:",
|
||||
req.headers.origin,
|
||||
"testcors:",
|
||||
cor, "headers allowed: [", conf.api.exposedHeaders.join(','),"]"
|
||||
);
|
||||
cors({
|
||||
origin: cor,
|
||||
allowedHeaders: conf.api.exposedHeaders,
|
||||
exposedHeaders: conf.api.exposedHeaders,
|
||||
credentials: true,
|
||||
preflightContinue: false,
|
||||
optionsSuccessStatus: 204
|
||||
});
|
||||
next();
|
||||
});
|
||||
}
|
||||
let origlist = [undefined];
|
||||
doms.forEach((d) => {
|
||||
origlist.push(new RegExp(`^http.?:\/\/${d.replace(/\./g, "\\.")}`));
|
||||
});
|
||||
if (log) console.log(currentmod, "List of white cors origin", origlist);
|
||||
// CORS
|
||||
//app.use(cors(corsOptions));
|
||||
app.use(cors({ origin: origlist }));
|
||||
|
||||
// Routers add any routes from /routes and /plugins
|
||||
let logroute = "Routes available on this apxtri instance: \n";
|
||||
@ -211,9 +228,9 @@ if (log) {
|
||||
}
|
||||
|
||||
app.listen(conf.api.port, () => {
|
||||
let webaccess = `api waits request on `;
|
||||
let webaccess = `api waits request on port:${conf.api.port} for`;
|
||||
conf.dns.forEach((u) => {
|
||||
webaccess += `http://${u}:${conf.api.port} `;
|
||||
webaccess += `${u}/api/ `;
|
||||
});
|
||||
if (log) console.log(currentmod, webaccess);
|
||||
});
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user