Do not add cors headers in production mode

This commit is contained in:
Jan Oberhauser 2019-09-20 13:06:06 +02:00
parent 0f67177bf6
commit a5344a0998

View file

@ -204,13 +204,15 @@ class App {
//support application/x-www-form-urlencoded post data //support application/x-www-form-urlencoded post data
this.app.use(bodyParser.urlencoded({ extended: false })); this.app.use(bodyParser.urlencoded({ extended: false }));
this.app.use((req: express.Request, res: express.Response, next: express.NextFunction) => { if (process.env['NODE_ENV'] !== 'production') {
// Allow access also from frontend when developing this.app.use((req: express.Request, res: express.Response, next: express.NextFunction) => {
res.header('Access-Control-Allow-Origin', 'http://localhost:8080'); // Allow access also from frontend when developing
res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE'); res.header('Access-Control-Allow-Origin', 'http://localhost:8080');
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, sessionid'); res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
next(); res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, sessionid');
}); next();
});
}
this.app.use((req: express.Request, res: express.Response, next: express.NextFunction) => { this.app.use((req: express.Request, res: express.Response, next: express.NextFunction) => {