dennii/Termix
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases 22 Wiki Activity

fix: Duplicated CORS headers

Browse Source
This commit is contained in:
LukeGus
2025-11-01 16:40:08 -05:00
parent dd19b2b990
commit d0385bd2c9
6 changed files with 25 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docker/nginx.conf
View File

@@ -26,16 +26,10 @@ http {
add_header X-Content-Type-Options nosniff always; add_header X-Content-Type-Options nosniff always;
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "1; mode=block" always;
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization" always;
add_header Access-Control-Allow-Credentials "true" always;
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
root /usr/share/nginx/html; root /usr/share/nginx/html;
expires 1y; expires 1y;
add_header Cache-Control "public, immutable"; add_header Cache-Control "public, immutable";
add_header Access-Control-Allow-Origin $http_origin always;
try_files $uri =404; try_files $uri =404;
} }

14
src/backend/dashboard.ts
View File

@@ -29,19 +29,15 @@ app.use(
"http://127.0.0.1:3000", "http://127.0.0.1:3000",
]; ];
if (origin.startsWith("https://")) {
return callback(null, true);
}
if (origin.startsWith("http://")) {
return callback(null, true);
}
if (allowedOrigins.includes(origin)) { if (allowedOrigins.includes(origin)) {
return callback(null, true); return callback(null, true);
} }
callback(new Error("Not allowed by CORS")); if (origin.startsWith("https://")) {
return callback(null, true);
}
callback(null, true);
}, },
credentials: true, credentials: true,
methods: ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"], methods: ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"],

14
src/backend/database/database.ts
View File

@@ -60,19 +60,15 @@ app.use(
"http://127.0.0.1:3000", "http://127.0.0.1:3000",
]; ];
if (origin.startsWith("https://")) {
return callback(null, true);
}
if (origin.startsWith("http://")) {
return callback(null, true);
}
if (allowedOrigins.includes(origin)) { if (allowedOrigins.includes(origin)) {
return callback(null, true); return callback(null, true);
} }
callback(new Error("Not allowed by CORS")); if (origin.startsWith("https://")) {
return callback(null, true);
}
callback(null, true);
}, },
credentials: true, credentials: true,
methods: ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"], methods: ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"],

14
src/backend/ssh/file-manager.ts
View File

@@ -57,19 +57,15 @@ app.use(
"http://127.0.0.1:3000", "http://127.0.0.1:3000",
]; ];
if (origin.startsWith("https://")) {
return callback(null, true);
}
if (origin.startsWith("http://")) {
return callback(null, true);
}
if (allowedOrigins.includes(origin)) { if (allowedOrigins.includes(origin)) {
return callback(null, true); return callback(null, true);
} }
callback(new Error("Not allowed by CORS")); if (origin.startsWith("https://")) {
return callback(null, true);
}
callback(null, true);
}, },
credentials: true, credentials: true,
methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"], methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],

14
src/backend/ssh/server-stats.ts
View File

@@ -595,19 +595,15 @@ app.use(
"http://127.0.0.1:3000", "http://127.0.0.1:3000",
]; ];
if (origin.startsWith("https://")) {
return callback(null, true);
}
if (origin.startsWith("http://")) {
return callback(null, true);
}
if (allowedOrigins.includes(origin)) { if (allowedOrigins.includes(origin)) {
return callback(null, true); return callback(null, true);
} }
callback(new Error("Not allowed by CORS")); if (origin.startsWith("https://")) {
return callback(null, true);
}
callback(null, true);
}, },
credentials: true, credentials: true,
methods: ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"], methods: ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"],

14
src/backend/ssh/tunnel.ts
View File

@@ -33,19 +33,15 @@ app.use(
"http://127.0.0.1:3000", "http://127.0.0.1:3000",
]; ];
if (origin.startsWith("https://")) {
return callback(null, true);
}
if (origin.startsWith("http://")) {
return callback(null, true);
}
if (allowedOrigins.includes(origin)) { if (allowedOrigins.includes(origin)) {
return callback(null, true); return callback(null, true);
} }
callback(new Error("Not allowed by CORS")); if (origin.startsWith("https://")) {
return callback(null, true);
}
callback(null, true);
}, },
credentials: true, credentials: true,
methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"], methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],