KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

securing cors anywhere

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2015-11-28 18:27:27 +01:00
parent 05d57a5b7b
commit 02d15c95ea
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/node_modules/cors-anywhere/lib/cors-anywhere.js generated vendored
View File

@@ -226,7 +226,7 @@ var getHandler = exports.getHandler = function(options, proxy) {
};
return function(req, res) {
if(req.headers.referer && req.headers.referer.substring(0,15) !== "https://zoff.no")
if(req.headers.referer && !(req.headers.referer.substring(0,15) === "https://zoff.no" || req.headers.referer.substring(0,14) === "http://zoff.no"))
{
res.writeHead(401, "You're accessing the cors-anywhere from wrong domain, only http://zoff.no is allowed");
res.end();