As mentioned in https://github.com/electerious/Ackee/issues/330#issuecomment-1126963836 it appears that ACKEE_AUTO_ORIGIN doesn't attach CORS headers correctly. Since is-valid-domain only returns true if there isn't a protocol, the qualified domains we extract from the Ackee domains will always be of the format "example.com". It appears that express requires the returned CORS domain to be of the format "https://example.com", otherwise it doesn't see it as a match to the incoming request. For a more in-depth explanation see the linked comment.
This fixes that issue by mapping each returned domain to both an HTTP and an HTTPS variant. For good measure I also included the original domain in the domain list we give to express - that shouldn't be needed, but it also shouldn't harm anything, and it protects against bugs in case I'm mistaken for some use case.
It should be noted that .flatMap is only supported in Node version 11+. It could be rewritten to use a .reduce instead if older versions of Node need to be supported.
As mentioned in https://github.com/electerious/Ackee/issues/330#issuecomment-1126963836 it appears that
ACKEE_AUTO_ORIGIN
doesn't attach CORS headers correctly. Sinceis-valid-domain
only returns true if there isn't a protocol, the qualified domains we extract from the Ackee domains will always be of the format"example.com"
. It appears that express requires the returned CORS domain to be of the format"https://example.com"
, otherwise it doesn't see it as a match to the incoming request. For a more in-depth explanation see the linked comment.This fixes that issue by mapping each returned domain to both an HTTP and an HTTPS variant. For good measure I also included the original domain in the domain list we give to express - that shouldn't be needed, but it also shouldn't harm anything, and it protects against bugs in case I'm mistaken for some use case.
It should be noted that
.flatMap
is only supported in Node version 11+. It could be rewritten to use a.reduce
instead if older versions of Node need to be supported.