Created
May 24, 2025 17:04
-
-
Save Hunter87ff/e5efbdd050faaa6830cb08513c613b8f to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * * @param {express.Request} req | |
| * * @param {express.Response} res | |
| */ | |
| function getOrigin(origin, callback) { | |
| try { | |
| const _allowedOrigins = process.env.MODE ? [ | |
| "http://localhost:3000", //for local development | |
| "http://localhost:3001" | |
| ] : [ | |
| 'https://client-side.com' | |
| // Add more allowed origins as needed | |
| ]; | |
| console.log("Wildcard Origin:", _allowedOrigins); | |
| // Allow origin if it's in the list | |
| if (_allowedOrigins.includes(origin)) { | |
| return callback(null, origin); | |
| } | |
| // Optionally block unknown origins instead of defaulting to one | |
| return callback(new Error('Not allowed by CORS'), false); | |
| } catch (error) { | |
| console.error("Error determining origin:", error); | |
| return callback(null, "http://localhost:3000"); // Safe fallback | |
| } | |
| } | |
| //assuming app defined somewhere | |
| app.use( | |
| cors({ | |
| origin: getOrigin, | |
| credentials: true, | |
| methods: ['GET', 'POST', 'PUT', 'DELETE'], | |
| }) | |
| ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment