farcasclaudiu/Flowise
1
0
Fork 0
mirror of https://github.com/farcasclaudiu/Flowise.git synced 2026-06-22 13:01:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: ignore allowedOrigins config for undefined origin header to ensure correct CORS behavior (#3033)

Browse Source 
fix: ignore allowed origins from chatbot config when origin header is undefined as correct cors behavior
This commit is contained in:
Tan Le
2024-08-19 03:02:31 +07:00
committed by GitHub
parent 2e689f2cff
commit 8bb55e07b6
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/server/src/controllers/predictions/index.ts
+3 -3
View File
@@ -26,13 +26,13 @@ const createPrediction = async (req: Request, res: Response, next: NextFunction)
throw new InternalFlowiseError(StatusCodes.NOT_FOUND, `Chatflow ${req.params.id} not found`)
}
let isDomainAllowed = true
logger.info(`[server]: Request originated from ${req.headers.origin}`)
logger.info(`[server]: Request originated from ${req.headers.origin || 'UNKNOWN ORIGIN'}`)
if (chatflow.chatbotConfig) {
const parsedConfig = JSON.parse(chatflow.chatbotConfig)
// check whether the first one is not empty. if it is empty that means the user set a value and then removed it.
const isValidAllowedOrigins = parsedConfig.allowedOrigins?.length && parsedConfig.allowedOrigins[0] !== ''
if (isValidAllowedOrigins) {
const originHeader = req.headers.origin as string
if (isValidAllowedOrigins && req.headers.origin) {
const originHeader = req.headers.origin
const origin = new URL(originHeader).host
isDomainAllowed =
parsedConfig.allowedOrigins.filter((domain: string) => {