jeffemmett
/
canvas-website
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CORS for prod env

This commit is contained in:
Jeff Emmett 2024-12-07 14:33:31 -05:00
parent 97b00c1569
commit 71fc07133a
1 changed files with 7 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
worker/worker.ts
View File

@ -27,24 +27,14 @@ const { preflight, corsify } = cors({
'https://jeffemmett-canvas.jeffemmett.workers.dev' 'https://jeffemmett-canvas.jeffemmett.workers.dev'
]; ];
const allowedPatterns = [ // Development patterns
// Localhost with any port const devPatterns = [
/^http:\/\/localhost:\d+$/, /^http:\/\/localhost:\d+$/,
// 127.0.0.1 with any port
/^http:\/\/127\.0\.0\.1:\d+$/, /^http:\/\/127\.0\.0\.1:\d+$/,
// 192.168.*.* with any port
/^http:\/\/192\.168\.\d+\.\d+:\d+$/, /^http:\/\/192\.168\.\d+\.\d+:\d+$/,
// 169.254.*.* with any port
/^http:\/\/169\.254\.\d+\.\d+:\d+$/, /^http:\/\/169\.254\.\d+\.\d+:\d+$/,
// 10.*.*.* with any port /^http:\/\/10\.\d+\.\d+\.\d+:\d+$/
/^http:\/\/10\.\d+\.\d+\.\d+:\d+$/, ];
// Production domain
/^https:\/\/jeffemmett\.com$/,
/^https:\/\/www\.jeffemmett\.com$/,
// Worker domain
/^https:\/\/jeffemmett-canvas\.jeffemmett\.workers\.dev$/
]
if (!origin) return undefined; if (!origin) return undefined;
@ -53,8 +43,8 @@ const { preflight, corsify } = cors({
return origin; return origin;
} }
// Then check patterns // Then check development patterns
if (allowedPatterns.some(pattern => pattern.test(origin))) { if (process.env.NODE_ENV === 'development' && devPatterns.some(pattern => pattern.test(origin))) {
return origin; return origin;
} }
@ -72,6 +62,7 @@ const { preflight, corsify } = cors({
'Sec-WebSocket-Protocol' 'Sec-WebSocket-Protocol'
], ],
maxAge: 86400, maxAge: 86400,
credentials: true
}) })
const router = AutoRouter<IRequest, [env: Environment, ctx: ExecutionContext]>({ const router = AutoRouter<IRequest, [env: Environment, ctx: ExecutionContext]>({
before: [preflight], before: [preflight],