Always allow localhost CORS requests

This commit is contained in:
Andrew Nicolaou 2020-04-19 13:39:00 +02:00
parent 33db5fb1ef
commit edc0e6ffb3

View file

@ -46,8 +46,9 @@ if (process.env.BASIC_USERNAME && process.env.BASIC_PASSWORD) {
}));
}
const corsOriginsWhitelist = [
const allowedCorsOrigins = [
/p5js\.org$/,
/localhost/ // to allow client-only development
];
// Run Webpack dev server in development mode
@ -55,8 +56,6 @@ if (process.env.NODE_ENV === 'development') {
const compiler = webpack(config);
app.use(webpackDevMiddleware(compiler, { noInfo: true, publicPath: config.output.publicPath }));
app.use(webpackHotMiddleware(compiler));
corsOriginsWhitelist.push(/localhost/);
}
const mongoConnectionString = process.env.MONGO_URL;
@ -65,7 +64,7 @@ app.set('trust proxy', true);
// Enable Cross-Origin Resource Sharing (CORS) for all origins
const corsMiddleware = cors({
credentials: true,
origin: corsOriginsWhitelist,
origin: allowedCorsOrigins,
});
app.use(corsMiddleware);
// Enable pre-flight OPTIONS route for all end-points