allow requests without origin header to api domain

This commit is contained in:
hippoz 2021-01-23 00:25:21 +02:00
parent 2f28d606e0
commit 45a4a50812
No known key found for this signature in database
GPG key ID: 7C52899193467641

View file

@ -19,7 +19,7 @@ app.use(express.json());
app.use(cookieParser()); app.use(cookieParser());
app.use(cors({ app.use(cors({
origin: function (origin, callback) { origin: function (origin, callback) {
if (config.corsAllowList.indexOf(origin) !== -1) { if (config.corsAllowList.indexOf(origin) !== -1 || !origin) {
callback(null, true); callback(null, true);
} else { } else {
callback(new Error('Not allowed by CORS')); callback(new Error('Not allowed by CORS'));