tkserver 1.6.10 → 1.6.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +15 -6
- package/package.json +2 -2
package/index.js
CHANGED
|
@@ -174,13 +174,22 @@ function allowCors (request, response) {
|
|
|
174
174
|
|
|
175
175
|
function getAllowedOrigin (request) {
|
|
176
176
|
const localhostRegex = /^https?:\/\/(localhost|127\.0\.0\.1|0\.0\.0\.0)(:\d{1,5})?$/
|
|
177
|
-
if (localhostRegex.test(request.headers.origin)) {
|
|
178
|
-
return request.headers.origin
|
|
179
|
-
} else if (config.CORS_ALLOW_ORIGIN) {
|
|
180
|
-
//
|
|
181
|
-
|
|
177
|
+
if (localhostRegex.test(request.headers.origin)) { // 判断是否为本地主机,如是则允许跨域
|
|
178
|
+
return request.headers.origin // Allow
|
|
179
|
+
} else if (config.CORS_ALLOW_ORIGIN) { // 如设置了安全域名则检查
|
|
180
|
+
// 适配多条 CORS 规则
|
|
181
|
+
// 以逗号分隔 CORS
|
|
182
|
+
const corsList = config.CORS_ALLOW_ORIGIN.split(',')
|
|
183
|
+
// 遍历 CORS 列表
|
|
184
|
+
for (let i = 0; i < corsList.length; i++) {
|
|
185
|
+
const cors = corsList[i].replace(/\/$/, '') // 获取当前 CORS 并去除末尾的斜杠
|
|
186
|
+
if (cors === request.headers.origin) {
|
|
187
|
+
return request.headers.origin // Allow
|
|
188
|
+
}
|
|
189
|
+
}
|
|
190
|
+
return '' // 不在安全域名列表中则禁止跨域
|
|
182
191
|
} else {
|
|
183
|
-
return request.headers.origin
|
|
192
|
+
return request.headers.origin // 未设置安全域名直接 Allow
|
|
184
193
|
}
|
|
185
194
|
}
|
|
186
195
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "tkserver",
|
|
3
|
-
"version": "1.6.
|
|
3
|
+
"version": "1.6.12",
|
|
4
4
|
"description": "A simple comment system.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"twikoo",
|
|
@@ -31,7 +31,7 @@
|
|
|
31
31
|
"get-user-ip": "^1.0.1",
|
|
32
32
|
"lokijs": "^1.5.12",
|
|
33
33
|
"mongodb": "^3.6.3",
|
|
34
|
-
"twikoo-func": "1.6.
|
|
34
|
+
"twikoo-func": "1.6.12",
|
|
35
35
|
"uuid": "^8.3.2"
|
|
36
36
|
}
|
|
37
37
|
}
|