KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Securing cors

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2015-11-28 18:23:43 +01:00
parent 9bc89fd824
commit 05d57a5b7b
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/node_modules/cors-anywhere/lib/cors-anywhere.js generated vendored
View File

@@ -226,13 +226,13 @@ var getHandler = exports.getHandler = function(options, proxy) {
};
return function(req, res) {
/*if(req.headers.referer && req.headers.referer.substring(0,14) !== "http://zoff.no")
if(req.headers.referer && req.headers.referer.substring(0,15) !== "https://zoff.no")
{
res.writeHead(401, "You're accessing the cors-anywhere from wrong domain, only http://zoff.no is allowed");
res.end();
return;
}
*/
var cors_headers = withCORS({}, req);
if (req.method == 'OPTIONS') {
// Pre-flight request. Reply successfully:

2
static/dist/main.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
static/js/youtube.js
View File

@@ -158,7 +158,7 @@ var Youtube = {
};
img.crossOrigin = 'Anonymous';
img.src = 'https://zoff.no:8080/http://img.youtube.com/vi/'+id+'/mqdefault.jpg';
img.src = 'https://zoff.no:8080/https://img.youtube.com/vi/'+id+'/mqdefault.jpg';
}
},