allow requests without origin header to api domain

This commit is contained in:
hippoz 2021-01-23 00:25:21 +02:00
parent 2f28d606e0
commit 45a4a50812
Signed by: hippoz
GPG key ID: 7C52899193467641

View file

@ -19,7 +19,7 @@ app.use(express.json());
app.use(cookieParser());
app.use(cors({
origin: function (origin, callback) {
if (config.corsAllowList.indexOf(origin) !== -1) {
if (config.corsAllowList.indexOf(origin) !== -1 || !origin) {
callback(null, true);
} else {
callback(new Error('Not allowed by CORS'));