npm - badmfck-api-server - Versions diffs - 3.9.94 → 3.9.95 - Mend

badmfck-api-server 3.9.94 → 3.9.95

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/apiServer/APIService.js +20 -1
package/package.json +1 -1

package/dist/apiServer/APIService.js CHANGED Viewed

@@ -29,6 +29,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.APIService = exports.Initializer = exports.REQ_DOC_USERS = exports.REQ_MONITOR_USERS = exports.REQ_INTERNAL_CALL = exports.REQ_HTTP_SERVER = exports.REQ_HTTP_REQUESTS_COUNT = exports.REQ_HTTP_LOG = exports.getDefaultOptions = void 0;
 const express_1 = __importDefault(require("express"));
 const BaseService_1 = require("./BaseService");
+const cors_1 = __importDefault(require("cors"));
 const BaseEndpoint_1 = require("./BaseEndpoint");
 const DefaultErrors_1 = __importStar(require("./structures/DefaultErrors"));
 const badmfck_signal_1 = require("badmfck-signal");
@@ -207,13 +208,31 @@ class APIService extends BaseService_1.BaseService {
             return;
         });
         const corsSet = new Set(this.options.corsHostWhiteList.map(x => String(x).replace(/\/$/, "")));
+        const corsOptions = {
+            origin: (origin, callback) => {
+                if (!origin)
+                    return callback(null, true);
+                try {
+                    const o = new URL(String(origin));
+                    const originNorm = o.origin.replace(/\/$/, "");
+                    const hostNorm = o.host.replace(/\/$/, "");
+                    const ok = corsSet.has(originNorm);
+                    return callback(null, ok);
+                }
+                catch {
+                    return callback(null, false);
+                }
+            },
+            credentials: true
+        };
+        app.use((0, cors_1.default)(corsOptions));
         app.use((req, res, next) => {
             const originHeader = req.headers.origin;
             if (!originHeader)
                 return next();
             let originNorm;
             try {
-                originNorm = new URL(String(originHeader)).origin;
+                originNorm = new URL(String(originHeader)).origin.replace(/\/$/, "");
             }
             catch {
                 res.status(403).send({

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "badmfck-api-server",
-  "version": "3.9.94",
+  "version": "3.9.95",
   "description": "Simple API http server based on express",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",