tkserver 1.6.40 → 1.6.42
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/mongo.js +15 -6
- package/package.json +2 -2
package/mongo.js
CHANGED
|
@@ -181,13 +181,22 @@ function allowCors (request, response) {
|
|
|
181
181
|
|
|
182
182
|
function getAllowedOrigin (request) {
|
|
183
183
|
const localhostRegex = /^https?:\/\/(localhost|127\.0\.0\.1|0\.0\.0\.0)(:\d{1,5})?$/
|
|
184
|
-
if (localhostRegex.test(request.headers.origin)) {
|
|
185
|
-
return request.headers.origin
|
|
186
|
-
} else if (config.CORS_ALLOW_ORIGIN) {
|
|
187
|
-
//
|
|
188
|
-
|
|
184
|
+
if (localhostRegex.test(request.headers.origin)) { // 判断是否为本地主机,如是则允许跨域
|
|
185
|
+
return request.headers.origin // Allow
|
|
186
|
+
} else if (config.CORS_ALLOW_ORIGIN) { // 如设置了安全域名则检查
|
|
187
|
+
// 适配多条 CORS 规则
|
|
188
|
+
// 以逗号分隔 CORS
|
|
189
|
+
const corsList = config.CORS_ALLOW_ORIGIN.split(',')
|
|
190
|
+
// 遍历 CORS 列表
|
|
191
|
+
for (let i = 0; i < corsList.length; i++) {
|
|
192
|
+
const cors = corsList[i].replace(/\/$/, '') // 获取当前 CORS 并去除末尾的斜杠
|
|
193
|
+
if (cors === request.headers.origin) {
|
|
194
|
+
return request.headers.origin // Allow
|
|
195
|
+
}
|
|
196
|
+
}
|
|
197
|
+
return '' // 不在安全域名列表中则禁止跨域
|
|
189
198
|
} else {
|
|
190
|
-
return request.headers.origin
|
|
199
|
+
return request.headers.origin // 未设置安全域名直接 Allow
|
|
191
200
|
}
|
|
192
201
|
}
|
|
193
202
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "tkserver",
|
|
3
|
-
"version": "1.6.
|
|
3
|
+
"version": "1.6.42",
|
|
4
4
|
"description": "A simple comment system.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"twikoo",
|
|
@@ -31,7 +31,7 @@
|
|
|
31
31
|
"get-user-ip": "^1.0.1",
|
|
32
32
|
"lokijs": "^1.5.12",
|
|
33
33
|
"mongodb": "^6.3.0",
|
|
34
|
-
"twikoo-func": "1.6.
|
|
34
|
+
"twikoo-func": "1.6.42",
|
|
35
35
|
"uuid": "^8.3.2"
|
|
36
36
|
}
|
|
37
37
|
}
|