TerribleDev/ente
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Whitelist the necessary one

Browse Source
This commit is contained in:
Manav Rathi
2024-06-16 20:56:28 +05:30
parent a4bc5fa0df
commit bfcd84c940
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
infra/workers/uploader/src/index.ts
View File

@@ -29,7 +29,7 @@ const handleOPTIONS = (request: Request) => {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "POST, PUT, OPTIONS",
"Access-Control-Max-Age": "86400",
// "Access-Control-Allow-Headers": "X-Auth-Token, X-Client-Package",
// "Access-Control-Allow-Headers": "UPLOAD-URL",
"Access-Control-Allow-Headers": "*",
"Access-Control-Expose-Headers": "X-Request-ID, CF-Ray",
},
@@ -56,7 +56,7 @@ const isAllowedOrigin = (origin: string | null) => {
};
const areAllowedHeaders = (headers: string | null) => {
const allowed = ["x-auth-token", "x-client-package"];
const allowed = ["UPLOAD-URL"];
if (!headers) return true;
for (const header of headers.split(",")) {