diff --git a/src/main.rs b/src/main.rs index 37df61d..b84cd03 100644 --- a/src/main.rs +++ b/src/main.rs @@ -149,19 +149,6 @@ async fn main() -> anyhow::Result<()> { .parse() .expect("Failed to parse bind/port for webserver"); - // if the server is self hosted, allow all origins - // otherwise, only allow the origins in ALLOWED_ORIGINS - // TODO I think remove this so cors passes for most things - let cors_function = { - |origin: &HeaderValue, _request_parts: &Parts| { - let Ok(origin) = origin.to_str() else { - return false; - }; - - valid_origin(origin) - } - }; - let server_router = Router::new() .route("/health-check", get(health_check)) .route("/v1/check-username/:username", get(check_username)) @@ -176,7 +163,7 @@ async fn main() -> anyhow::Result<()> { .fallback(fallback) .layer( CorsLayer::new() - .allow_origin(AllowOrigin::predicate(cors_function)) + .allow_origin(AllowOrigin::any()) .allow_headers([http::header::CONTENT_TYPE, http::header::AUTHORIZATION]) .allow_methods([ Method::GET,