Fix: CORS logging issue #1576

packages/server-admin-ui/src/views/security/Settings.js

@@ -215,7 +215,7 @@ class Settings extends Component {
                           by configuring allowed CORS origins below. The host
                           where this page is loaded from is automatically
                           included in the allowed CORS origins so that the Admin
-                          UI continues to work.
+                          UI continues to work. Changes to the Allowed CORS origins requires a server restart.
                         </Label>
                       </Col>
                     </FormGroup>{' '}

src/cors.ts

@@ -1,11 +1,8 @@
 import { IRouter } from 'express'
 import { createDebug } from './debug'
-// eslint-disable-next-line @typescript-eslint/no-unused-vars
-import { ACL, Device, SecurityConfig } from './security'
+import { SecurityConfig } from './security'
 import cors, { CorsOptions } from 'cors'
 
-type OriginCallback = (err: Error | null, origin?: string) => void
-
 export function setupCors(
   app: IRouter,
   { allowedCorsOrigins }: SecurityConfig
@@ -18,23 +15,11 @@ export function setupCors(
         .map((s: string) => s.trim().replace(/\/*$/, ''))
     : []
   corsDebug(`corsOrigins:${corsOrigins.toString()}`)
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   const corsOptions: CorsOptions = {
-    credentials: true
-  }
-  if (corsOrigins.length) {
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    corsOptions.origin = (origin: string | undefined, cb: OriginCallback) => {
-      if (origin === undefined || corsOrigins.indexOf(origin) >= 0) {
-        corsDebug(`${origin} OK`)
-        cb(null, origin)
-      } else {
-        const errorMsg = `${origin} not allowed`
-        corsDebug(errorMsg)
-        cb(new Error(errorMsg))
-      }
-    }
+    credentials: true,
+    origin: allowedCorsOrigins
   }
+
   app.use(cors(corsOptions))
 }