From d05aa13c3944eacfa7ff02c402e26769f1e6f586 Mon Sep 17 00:00:00 2001
From: KevinMidboe <kevin.midboe@gmail.com>
Date: Sat, 3 Jun 2017 11:17:09 +0200
Subject: [PATCH] Changes to more strict origin policy.

---
 src/webserver/app.js | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/webserver/app.js b/src/webserver/app.js
index 1b0fc39..3da8ccb 100644
--- a/src/webserver/app.js
+++ b/src/webserver/app.js
@@ -8,14 +8,18 @@ var bodyParser = require('body-parser');
 app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({ extended: true }));
 
-var port = 31459;        // set our port
 
+var port = 31459;        // set our port
 var router = express.Router();
+var allowedOrigins = ['https://kevinmidboe.com', 'http://localhost:8080']
+
 
 router.use(function(req, res, next) {
-    // do logging
     console.log('Something is happening.');
-	res.setHeader('Access-Control-Allow-Origin', 'https://kevinmidboe.com');
+    var origin = req.headers.origin;
+    if (allowedOrigins.indexOf(origin) > -1) {
+		res.setHeader('Access-Control-Allow-Origin', origin);
+	}
     next();
 });