25 lines
712 B
JavaScript
25 lines
712 B
JavaScript
export const allowedOrigins = [
|
|
'https://tools.acherryontop.com',
|
|
'https://inventory.kent.pw',
|
|
'https://acot.site',
|
|
/^http:\/\/localhost:(5174|5175)$/,
|
|
];
|
|
|
|
export const corsOptions = {
|
|
origin(origin, callback) {
|
|
if (!origin) return callback(null, true);
|
|
const ok = allowedOrigins.some((allowed) =>
|
|
allowed instanceof RegExp ? allowed.test(origin) : allowed === origin
|
|
);
|
|
if (ok) return callback(null, true);
|
|
callback(new Error('CORS not allowed'));
|
|
},
|
|
methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
|
|
allowedHeaders: ['Content-Type', 'Authorization'],
|
|
exposedHeaders: ['Content-Type'],
|
|
credentials: true,
|
|
maxAge: 600,
|
|
};
|
|
|
|
export default corsOptions;
|