Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Option preflightContinue not working with origin function #293

Open
RiccardoRomagnoli opened this issue Nov 24, 2022 · 0 comments
Open

Option preflightContinue not working with origin function #293

RiccardoRomagnoli opened this issue Nov 24, 2022 · 0 comments

Comments

@RiccardoRomagnoli
Copy link

RiccardoRomagnoli commented Nov 24, 2022
edited
Loading

When origin has a function logic it prevents to be overwritten on a next() by another cors policy when preflightContinue is set true.

Example:

const allowedOrigins = [`${config.frontendUrl}`];
// enable cors
app.use(cors({
  origin: function(origin, callback){
    if(!origin) return callback(null, true);
    if(allowedOrigins.indexOf(origin) === -1){
      const msg = 'The CORS policy for this site does not ' +
                'allow access from the specified Origin.';
      return callback(new Error(msg), false);
    }
    return callback(null, true);
  },
  credentials: true,
  // Allow follow-up middleware to override this CORS for options
  preflightContinue: true,
}));

This should be applied everywhere exept if redefined like

const corsOptions = { 
  origin: true,
  credentials: true
}
router.post('/test', cors(corsOptions), (req, res) => {});

In this example /test will always be blocked by cors policy, if instead I use origin: allowedOrigins (Array value) it works. Any ideas?

#40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@RiccardoRomagnoli