electerious / Ackee

Self-hosted, Node.js based analytics tool for those who care about privacy.
https://ackee.electerious.com
MIT License

Fix ACKEE_AUTO_ORIGIN not attaching CORS headers correctly #331

Closed birjj closed 2 years ago

birjj commented 2 years ago

As mentioned in https://github.com/electerious/Ackee/issues/330#issuecomment-1126963836 it appears that ACKEE_AUTO_ORIGIN doesn't attach CORS headers correctly. Since is-valid-domain only returns true if there isn't a protocol, the qualified domains we extract from the Ackee domains will always be of the format "example.com". It appears that express requires the returned CORS domain to be of the format "https://example.com", otherwise it doesn't see it as a match to the incoming request. For a more in-depth explanation see the linked comment.

This fixes that issue by mapping each returned domain to both an HTTP and an HTTPS variant. For good measure I also included the original domain in the domain list we give to express - that shouldn't be needed, but it also shouldn't harm anything, and it protects against bugs in case I'm mistaken for some use case.

It should be noted that .flatMap is only supported in Node version 11+. It could be rewritten to use a .reduce instead if older versions of Node need to be supported.
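Added example, not part of the pull request or Ackee's code: a sketch of the origin expansion described in the comment above, in both the `.flatMap` and `.reduce` forms, checked against `Origin` header values. The names `looksLikeBareDomain`, `toOrigins` and `resolveAllowOrigin` are hypothetical, the regex is a simplified stand-in for is-valid-domain, and exact string comparison against `Origin` is an assumed matching model.

```javascript
// Constructed sample data: domain titles as they might be stored in Ackee.
const sampleTitles = ['example.com', 'blog.example.com', 'My personal site', 'https://shop.example.com']

// Hypothetical stand-in for the is-valid-domain check: accepts bare hostnames only,
// so a title with a protocol, a path, or whitespace is rejected.
const looksLikeBareDomain = (value) =>
	/^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$/i.test(value)

// Expand one bare domain into the origins a browser can send for it.
// The bare domain itself is kept as well, as the PR description says.
const toOrigins = (domain) => [domain, `http://${domain}`, `https://${domain}`]

// Node 11+ variant using flatMap.
const allowedOriginsFlatMap = (titles) =>
	titles.filter(looksLikeBareDomain).flatMap(toOrigins)

// Equivalent for older Node versions using reduce.
const allowedOriginsReduce = (titles) =>
	titles.filter(looksLikeBareDomain).reduce((acc, domain) => acc.concat(toOrigins(domain)), [])

// Assumed matching model: exact string comparison with the Origin request header.
// Returns the value for Access-Control-Allow-Origin, or null when no header is sent.
const resolveAllowOrigin = (originHeader, allowed) =>
	typeof originHeader === 'string' && allowed.includes(originHeader) ? originHeader : null

const bareOnly = sampleTitles.filter(looksLikeBareDomain)
const expanded = allowedOriginsFlatMap(sampleTitles)

console.log(resolveAllowOrigin('https://example.com', bareOnly)) // null
console.log(resolveAllowOrigin('https://example.com', expanded)) // 'https://example.com'
console.log(resolveAllowOrigin('https://example.com:8443', expanded)) // null
```

An origin on a non-default port still falls outside the expanded list, because the `Origin` header includes the port.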

vercel[bot] commented 2 years ago

Someone is attempting to deploy a commit to a Personal Account owned by @electerious on Vercel.

@electerious first needs to authorize it.

electerious commented 2 years ago

Thanks for the fix!