npm - @nest-omni/core - Versions diffs - 1.0.55 → 1.0.56-1 - Mend

@nest-omni/core 1.0.55 → 1.0.56-1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json +1 -1
package/setup/bootstrap.setup.js +2 -1
package/shared/services/api-config.service.js +16 -6
package/tsconfig.tsbuildinfo +1 -1

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@nest-omni/core",
-  "version": "1.0.55",
+  "version": "1.0.56-1",
   "description": "framework",
   "main": "index.js",
   "types": "index.d.ts",

package/setup/bootstrap.setup.js CHANGED Viewed

@@ -23,6 +23,7 @@ const nestjs_sentry_1 = require("@ntegral/nestjs-sentry");
 const nestjs_i18n_1 = require("nestjs-i18n");
 const crud_1 = require("@dataui/crud");
 const nestjs_cls_1 = require("nestjs-cls");
+const compression = require("compression");
 crud_1.CrudConfigService.load({
     auth: {
         property: 'user',
@@ -124,7 +125,7 @@ function bootstrapSetup(AppModule, SetupSwagger) {
         setupGracefulShutdown(app);
         app.enableVersioning();
         app.enable('trust proxy');
-        app.use(bodyParse.json({ limit: '50mb' }), new nestjs_cls_1.ClsMiddleware({}).use, (0, __1.RequestIdMiddleware)(), (0, __1.PowerByMiddleware)(), (0, __1.OmniAuthMiddleware)());
+        app.use(bodyParse.json({ limit: '50mb' }), new nestjs_cls_1.ClsMiddleware({}).use, (0, __1.RequestIdMiddleware)(), (0, __1.PowerByMiddleware)(), (0, __1.OmniAuthMiddleware)(), compression());
         const reflector = app.get(core_1.Reflector);
         app.useGlobalFilters(new __1.HttpExceptionFilter(), new __1.QueryFailedFilter(reflector));
         app.useGlobalInterceptors(new __1.LanguageInterceptor(), new __1.TranslationInterceptor(), new nestjs_pino_1.LoggerErrorInterceptor(), new nestjs_sentry_1.SentryInterceptor({

package/shared/services/api-config.service.js CHANGED Viewed

@@ -159,13 +159,23 @@ let ApiConfigService = ApiConfigService_1 = class ApiConfigService {
         const allowedDomains = this.getString('CORS_ORIGIN').split(',');
         return {
             origin: (origin, callback) => {
-                if (!origin ||
-                    allowedDomains.some((domain) => origin.endsWith(domain))) {
-                    callback(null, origin);
-                }
-                else {
-                    callback(new common_1.BadRequestException('Not allowed by CORS'));
+                if (!origin) {
+                    return callback(null, true);
                 }
+                const isAllowed = allowedDomains.some((domain) => {
+                    if (domain.includes('*')) {
+                        const regexPattern = domain
+                            .replace(/\./g, '\\.')
+                            .replace(':*', '(:\\d+)?')
+                            .replace('*\\.', '(.*\\.)?');
+                        const fullRegex = new RegExp(`^https?:\/\/${regexPattern}$`, 'i');
+                        return fullRegex.test(origin);
+                    }
+                    return origin === domain || origin.startsWith(`${domain}:`);
+                });
+                isAllowed
+                    ? callback(null, origin)
+                    : callback(new common_1.BadRequestException('Not allowed by CORS'));
             },
             methods: this.getString('CORS_METHODS'),
             allowedHeaders: this.getString('CORS_ALLOWED_HEADERS'),