fix cors with helmet

2022-06-30 09:28:49 +02:00 · 2022-06-30 09:28:49 +02:00 · fce084f590
commit fce084f590
parent 2e98fa7f2d
2 changed files with 7 additions and 10 deletions
--- a/server/prisma/dev.db
+++ b/server/prisma/dev.db
--- a/server/server.ts
+++ b/server/server.ts
@ -11,16 +11,13 @@ const prisma = new PrismaClient();
 const app: Express = express();
 app.use(express.json());
 app.use(helmet());
 // Allow CORS in dev mode.
 if (process.env.ENVIRONMENT == "dev") {
 app.use(
-    cors({
+  helmet({
-      origin: "*",
+    crossOriginResourcePolicy: {
      policy: process.env.ENVIRONMENT == "dev" ? "cross-origin" : "same-origin",
    },
  })
 );
 }
 // Apply rate limiting
 const postLimiter = rateLimit({