mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2024-09-20 14:57:31 -07:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

fix(cli): Disable CORS on SSE connections in production (#4190)

Browse source
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™ 2022-09-26 15:15:44 +02:00 committed by GitHub
parent bc42073e28
commit e6e4f297c6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
packages/cli/src/Push.ts
View file

@ -1,13 +1,16 @@
/* eslint-disable @typescript-eslint/no-unsafe-call */
/* eslint-disable @typescript-eslint/no-unsafe-member-access */
// @ts-ignore
import sseChannel from 'sse-channel';
import express from 'express';
import { LoggerProxy as Logger } from 'n8n-workflow';
// eslint-disable-next-line import/no-cycle
import { IPushData, IPushDataType } from '.';
interface SSEChannelOptions {
cors?: {
origins: string[];
};
}
export class Push {
private channel: sseChannel;
@ -16,13 +19,16 @@ export class Push {
} = {};
constructor() {
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, new-cap
this.channel = new sseChannel({
cors: {
const options: SSEChannelOptions = {};
if (process.env.NODE_ENV !== 'production') {
options.cors = {
// Allow access also from frontend when developing
origins: ['http://localhost:8080'],
},
});
};
}
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-call
this.channel = new sseChannel(options);
// eslint-disable-next-line @typescript-eslint/no-unsafe-call
this.channel.on('disconnect', (channel: string, res: express.Response) => {