1
0
forked from apxtri/apxtri

clean cors

This commit is contained in:
philc 2024-02-27 12:36:31 +01:00
parent c6b2484c45
commit b838ab87f0

View File

@ -175,21 +175,38 @@ app.disable("x-powered-by"); // for security
app.locals.tribeids = tribeIds;
if (log) console.log(currentmod, " app.locals.tribeids", app.locals.tribeids);
// Cors management
if (log) {
app.use((req, res, next) => {
console.log(currentmod, "request origin:", req.headers.origin);
console.log(currentmod, "req.headers:", req.headers);
next();
});
}
let origlist = [undefined];
let originlst = "test";
doms.forEach((d) => {
origlist.push(new RegExp(`^http.?:\/\/${d.replace(/\./g, "\\.")}`));
originlst += `|${d.replace(/\./g, "\\.")}`;
});
const regtxt = `^http.?:\/\/(${originlst})`;
let cor = false;
console.log(regtxt);
const regorigin = new RegExp(regtxt);
app.use((req, res, next) => {
if (req.headers.origin == undefined) {
cor = true;
} else {
cor = regorigin.test(req.headers.origin);
}
if (log)
console.log(
currentmod,
"request origin:",
req.headers.origin,
"testcors:",
cor, "headers allowed: [", conf.api.exposedHeaders.join(','),"]"
);
cors({
origin: cor,
allowedHeaders: conf.api.exposedHeaders,
exposedHeaders: conf.api.exposedHeaders,
credentials: true,
preflightContinue: false,
optionsSuccessStatus: 204
});
next();
});
if (log) console.log(currentmod, "List of white cors origin", origlist);
// CORS
//app.use(cors(corsOptions));
app.use(cors({ origin: origlist }));
// Routers add any routes from /routes and /plugins
let logroute = "Routes available on this apxtri instance: \n";
@ -211,9 +228,9 @@ if (log) {
}
app.listen(conf.api.port, () => {
let webaccess = `api waits request on `;
let webaccess = `api waits request on port:${conf.api.port} for`;
conf.dns.forEach((u) => {
webaccess += `http://${u}:${conf.api.port} `;
webaccess += `${u}/api/ `;
});
if (log) console.log(currentmod, webaccess);
});