iDefineHD/TurboTrades
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow CORS from both localhost and production domain
All checks were successful
Build Frontend / Build Frontend (push) Successful in 9s
Details

Browse Source
This commit is contained in:
iDefineHD
2026-01-11 00:58:30 +00:00
parent b4f7249774
commit f6e78f1a33
1 changed files with 12 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
index.js
View File

@@ -61,23 +61,30 @@ const createServer = () => {
* Register plugins * Register plugins
*/ */
const registerPlugins = async (fastify) => { const registerPlugins = async (fastify) => {
// CORS - Allow requests from file:// protocol for test client // CORS - Allow both local development and production
await fastify.register(fastifyCors, { await fastify.register(fastifyCors, {
origin: (origin, callback) => { origin: (origin, callback) => {
const allowedOrigins = [
"http://localhost:5173",
"http://127.0.0.1:5173",
"https://turbotrades.dev",
config.cors.origin,
];
// Allow requests from file:// protocol (local HTML files) // Allow requests from file:// protocol (local HTML files)
if (!origin || origin === "null" || origin === config.cors.origin) { if (!origin || origin === "null") {
callback(null, true); callback(null, true);
return; return;
} }
// In development, allow localhost on any port // Allow localhost on any port in development
if (config.isDevelopment && origin.includes("localhost")) { if (config.isDevelopment && origin.includes("localhost")) {
callback(null, true); callback(null, true);
return; return;
} }
// Otherwise, check if it matches configured origin // Check if origin is in allowed list
if (origin === config.cors.origin) { if (allowedOrigins.includes(origin)) {
callback(null, true); callback(null, true);
} else { } else {
callback(new Error("Not allowed by CORS"), false); callback(new Error("Not allowed by CORS"), false);