Skip to content

Commit

Permalink
fixes for cors
Browse files Browse the repository at this point in the history
  • Loading branch information
@Unreal-Dan
Unreal-Dan committed Dec 9, 2024
1 parent a85cfcb commit 16ce36c
Showing 1 changed file with 13 additions and 17 deletions.
30 changes: 13 additions & 17 deletions app.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,23 +22,6 @@ var app = express();

require('./config/passport')(passport);

// Dynamic CORS origin handler
const allowedOrigins = ['https://lightshow.lol'];
app.use(cors({
origin: function (origin, callback) {
// Allow requests with no origin (like mobile apps or Postman)
if (!origin) return callback(null, true);

if (allowedOrigins.includes(origin)) {
callback(null, true);
} else {
callback(new Error('Not allowed by CORS'));
}
},
methods: ['GET', 'POST', 'PUT', 'DELETE'],
credentials: true, // Allow credentials like cookies and sessions
}));

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
Expand All @@ -47,8 +30,21 @@ app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(cookieParser());

// servce static files from public directory
app.use(express.static(path.join(__dirname, 'public')));

// Add CORS headers specifically for the 'firmwares' folder
app.use('/firmwares', (req, res, next) => {
const origin = req.headers.origin;
if (origin === 'https://lightshow.lol') {
res.setHeader('Access-Control-Allow-Origin', origin);
res.setHeader('Access-Control-Allow-Methods', 'GET');
res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
}
next();
});

// Use the setPageStyles middleware to inject css
app.use(require('./middleware/setPageStyles'));

Expand Down

0 comments on commit 16ce36c

Please sign in to comment.