jeffemmett
/
canvas-website
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix worker deployment

This commit is contained in:
Jeff Emmett 2024-12-07 13:15:38 -05:00
parent 3a2a38c0b6
commit 0eb4407219
3 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -180,6 +180,7 @@ dist
# Environment variables # Environment variables
.env* .env*
.env.development
!.env.example !.env.example
.vercel .vercel

2
src/components/Board.tsx
View File

@ -27,7 +27,7 @@ import { useCameraControls } from '@/hooks/useCameraControls'
import { zoomToSelection } from '../ui-overrides' import { zoomToSelection } from '../ui-overrides'
//const WORKER_URL = `https://jeffemmett-canvas.jeffemmett.workers.dev` //const WORKER_URL = `https://jeffemmett-canvas.jeffemmett.workers.dev`
export const WORKER_URL = 'https://jeffemmett-canvas.jeffemmett.workers.dev'; export const WORKER_URL = import.meta.env.VITE_TLDRAW_WORKER_URL || 'https://jeffemmett-canvas.jeffemmett.workers.dev';
const shapeUtils = [ChatBoxShape, VideoChatShape, EmbedShape] const shapeUtils = [ChatBoxShape, VideoChatShape, EmbedShape]
const tools = [ChatBoxTool, VideoChatTool, EmbedTool]; // Array of tools const tools = [ChatBoxTool, VideoChatTool, EmbedTool]; // Array of tools

29
worker/worker.ts
View File

@ -21,7 +21,11 @@ const securityHeaders = {
// we're hosting the worker separately to the client. you should restrict this to your own domain. // we're hosting the worker separately to the client. you should restrict this to your own domain.
const { preflight, corsify } = cors({ const { preflight, corsify } = cors({
origin: (origin) => { origin: (origin) => {
if (!origin) return undefined const allowedOrigins = [
'https://jeffemmett.com',
'https://www.jeffemmett.com',
'https://jeffemmett-canvas.jeffemmett.workers.dev'
];
const allowedPatterns = [ const allowedPatterns = [
// Localhost with any port // Localhost with any port
@ -41,14 +45,20 @@ const { preflight, corsify } = cors({
/^https:\/\/jeffemmett-canvas\.jeffemmett\.workers\.dev$/ /^https:\/\/jeffemmett-canvas\.jeffemmett\.workers\.dev$/
] ]
// Check if origin matches any of our patterns
const isAllowed = allowedPatterns.some(pattern =>
pattern instanceof RegExp
? pattern.test(origin)
: pattern === origin
)
return isAllowed ? origin : undefined if (!origin) return undefined;
// Check exact matches first
if (allowedOrigins.includes(origin)) {
return origin;
}
// Then check patterns
if (allowedPatterns.some(pattern => pattern.test(origin))) {
return origin;
}
return undefined;
}, },
allowMethods: ['GET', 'POST', 'OPTIONS', 'UPGRADE'], allowMethods: ['GET', 'POST', 'OPTIONS', 'UPGRADE'],
allowHeaders: [ allowHeaders: [
@ -59,8 +69,7 @@ const { preflight, corsify } = cors({
'Sec-WebSocket-Key', 'Sec-WebSocket-Key',
'Sec-WebSocket-Version', 'Sec-WebSocket-Version',
'Sec-WebSocket-Extensions', 'Sec-WebSocket-Extensions',
'Sec-WebSocket-Protocol', 'Sec-WebSocket-Protocol'
...Object.keys(securityHeaders)
], ],
maxAge: 86400, maxAge: 86400,
}) })