This commit is contained in:
silverpro89
9
app.js
9
app.js
@@ -69,8 +69,15 @@ app.use(helmet({
|
|||||||
},
|
},
|
||||||
}));
|
}));
|
||||||
app.use(cors({
|
app.use(cors({
|
||||||
origin: config.cors.origin,
|
origin: (origin, callback) => {
|
||||||
|
// Allow requests with no origin (mobile apps, Postman, server-to-server)
|
||||||
|
if (!origin) return callback(null, true);
|
||||||
|
// Allow all origins but still support credentials
|
||||||
|
return callback(null, true);
|
||||||
|
},
|
||||||
credentials: true,
|
credentials: true,
|
||||||
|
methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
|
||||||
|
allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],
|
||||||
}));
|
}));
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user