Skip to content

Commit

Permalink
Allow all for CORS
Browse files Browse the repository at this point in the history
  • Loading branch information
benthecarman committed Apr 3, 2024
1 parent 6f61ad6 commit 316865b
Showing 1 changed file with 1 addition and 14 deletions.
15 changes: 1 addition & 14 deletions src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -149,19 +149,6 @@ async fn main() -> anyhow::Result<()> {
.parse()
.expect("Failed to parse bind/port for webserver");

// if the server is self hosted, allow all origins
// otherwise, only allow the origins in ALLOWED_ORIGINS
// TODO I think remove this so cors passes for most things
let cors_function = {
|origin: &HeaderValue, _request_parts: &Parts| {
let Ok(origin) = origin.to_str() else {
return false;
};

valid_origin(origin)
}
};

let server_router = Router::new()
.route("/health-check", get(health_check))
.route("/v1/check-username/:username", get(check_username))
Expand All @@ -176,7 +163,7 @@ async fn main() -> anyhow::Result<()> {
.fallback(fallback)
.layer(
CorsLayer::new()
.allow_origin(AllowOrigin::predicate(cors_function))
.allow_origin(AllowOrigin::any())
.allow_headers([http::header::CONTENT_TYPE, http::header::AUTHORIZATION])
.allow_methods([
Method::GET,
Expand Down

0 comments on commit 316865b

Please sign in to comment.