KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2026-02-11 03:49:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Securing cors

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2015-11-28 18:23:43 +01:00
parent 9bc89fd824
commit 05d57a5b7b
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/node_modules/cors-anywhere/lib/cors-anywhere.js generated vendored
View File

@@ -226,13 +226,13 @@ var getHandler = exports.getHandler = function(options, proxy) {
}; };
return function(req, res) { return function(req, res) {
/*if(req.headers.referer && req.headers.referer.substring(0,14) !== "http://zoff.no") if(req.headers.referer && req.headers.referer.substring(0,15) !== "https://zoff.no")
{ {
res.writeHead(401, "You're accessing the cors-anywhere from wrong domain, only http://zoff.no is allowed"); res.writeHead(401, "You're accessing the cors-anywhere from wrong domain, only http://zoff.no is allowed");
res.end(); res.end();
return; return;
} }
*/
var cors_headers = withCORS({}, req); var cors_headers = withCORS({}, req);
if (req.method == 'OPTIONS') { if (req.method == 'OPTIONS') {
// Pre-flight request. Reply successfully: // Pre-flight request. Reply successfully:

2
static/dist/main.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
static/js/youtube.js
View File

@@ -158,7 +158,7 @@ var Youtube = {
}; };
img.crossOrigin = 'Anonymous'; img.crossOrigin = 'Anonymous';
img.src = 'https://zoff.no:8080/http://img.youtube.com/vi/'+id+'/mqdefault.jpg'; img.src = 'https://zoff.no:8080/https://img.youtube.com/vi/'+id+'/mqdefault.jpg';
} }
}, },