I took a look into the code because I was somehow confused having config :cors_plug, origin: [...] in our config AND plug CORSPlug, origin: &Web.CORS.allowed_origins/0 in the endpoint. I wanted to understand why we have both and which of them has the highest prio.
I took a look into the code because I was somehow confused having
config :cors_plug, origin: [...]
in our config ANDplug CORSPlug, origin: &Web.CORS.allowed_origins/0
in the endpoint. I wanted to understand why we have both and which of them has the highest prio.While doing so, I stumbled upon this:
https://github.com/mschae/cors_plug/blob/1ca97ed844b200f97bc54df83426815854d1235d/lib/cors_plug.ex#L47
It gets called here:
https://github.com/mschae/cors_plug/blob/1ca97ed844b200f97bc54df83426815854d1235d/lib/cors_plug.ex#L42
AFAIK
Application.get_all_env/1
will always return a list.