admin管理员组文章数量:1326076
Something is off with my setup. I'm wondering if it is how I defined my list of allowed origins in my .env file.
In my .env file i have a list of trusted subdomains:
// .env file
ALLOWED_ORIGINS=http://localhost:3001, http://localhost:3000, ,
in my server.ts file I am trying to set origins to the value from my .env file, see the line origins: allowedOrigins. It was previously set to origins: ['*']
// server.ts file
export default createServer = (container) => {
const env = process.env.NODE_ENV
const allowedOrigins = process.env.ALLOWED_ORIGINS || ''
const cors = Cors({
origins: allowedOrigins,
allowedHeaders: [
'access-control-allow-origin',
'authorization',
'Pragma',
'contact',
],
exposeHeaders: []
})
}
Something is off with my setup. I'm wondering if it is how I defined my list of allowed origins in my .env file.
In my .env file i have a list of trusted subdomains:
// .env file
ALLOWED_ORIGINS=http://localhost:3001, http://localhost:3000, https://wwww.site1., https://www.site2.
in my server.ts file I am trying to set origins to the value from my .env file, see the line origins: allowedOrigins. It was previously set to origins: ['*']
// server.ts file
export default createServer = (container) => {
const env = process.env.NODE_ENV
const allowedOrigins = process.env.ALLOWED_ORIGINS || ''
const cors = Cors({
origins: allowedOrigins,
allowedHeaders: [
'access-control-allow-origin',
'authorization',
'Pragma',
'contact',
],
exposeHeaders: []
})
}
- 1 And what exactly is "off"? Did you check what value you're actually setting origins to? – jonrsharpe Commented Jul 12, 2021 at 17:25
2 Answers
Reset to default 5I checked the cors npm page, the origins option does not accept multiple origins in a ma-separated string. It accepts an array instead.
You can split your environment variable by "," to have the desired format. In the code below, I added the .trim() method to cut down unnecessaries spaces in the string.
// server.ts file
export default createServer = (container) => {
const env = process.env.NODE_ENV
const allowedOrigins = process.env.ALLOWED_ORIGINS || ''
const allowedOriginsArray = allowedOrigins.split(",").map(item => item.trim());
const cors = Cors({
origins: allowedOriginsArray,
allowedHeaders: [
'access-control-allow-origin',
'authorization',
'Pragma',
'contact',
],
exposeHeaders: []
})
}
You just have to split them by ma
const allowedOrigins = process.env.ALLOWED_ORIGINS.split(",") || '';
Also,
I believe it is just origin and not origins
For the below, allowedOrigins must be an array. so you just map and return an array
const allowedOrigins = process.env.ALLOWED_ORIGINS.split(',').map(origin=>origin);
const cors = Cors({
origin: (origin, callback) => {
allowedOrigins.includes(origin) ? callback(null, true) : callback(new Error('Not allowed by CORS'))
},
allowedHeaders: [
'access-control-allow-origin',
'authorization',
'Pragma',
'contact',
],
exposeHeaders: []
})
}
Ref:- https://www.npmjs./package/cors
本文标签:
版权声明:本文标题:I'm trying to set my cors origins value to a list of trusted subdomains, using node.js and javascript - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742195598a2431021.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论