Remove CORS module

author: Bobby <[email protected]> 2022-03-21 01:42:23 -0400
committer: Bobby <[email protected]> 2022-03-21 01:42:23 -0400
commit: 865fbbd889e7712faf8f0524ca8ca6a50c2aa0ee (patch)
tree: f1b64b20e551aef3869b4aa04c7bf3544436f067
parent: f1328ad385ded2558bbd57d3d39c4d4ad1f366fb (diff)
download: luciferreeves.github.io-865fbbd889e7712faf8f0524ca8ca6a50c2aa0ee.tar.xz
luciferreeves.github.io-865fbbd889e7712faf8f0524ca8ca6a50c2aa0ee.zip
1 files changed, 4 insertions, 16 deletions
diff --git a/server.js b/server.js
index 49d8579..c64bf8c 100644
--- a/server.js
+++ b/server.js
@@ -8,23 +8,11 @@ const routes = require("./routes");
 // Create the server
 const app = express();
 app.use(function (req, res, next) {
-  // Website you wish to allow to connect
-  res.setHeader("Access-Control-Allow-Origin", "http://localhost:3000", "https://thatcomputerscientist.com");
-
-  // Request methods you wish to allow
-  res.setHeader(
-    "Access-Control-Allow-Methods",
-    "GET, POST, OPTIONS, PUT, PATCH, DELETE"
-  );
-
-  // Request headers you wish to allow
-  res.setHeader(
-    "Access-Control-Allow-Headers",
-    "X-Requested-With,content-type"
-  );
-
-  // Pass to next layer of middleware
+  // Only allow http://localhost:3000 and https://thatcomputerscientist.com to access the API
+  res.header("Access-Control-Allow-Origin", "http://localhost:3000");
+  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
   next();
+  
 });
 app.use(function (req, res, next) {
   if (
author	Bobby <[email protected]>	2022-03-21 01:42:23 -0400
committer	Bobby <[email protected]>	2022-03-21 01:42:23 -0400
commit	865fbbd889e7712faf8f0524ca8ca6a50c2aa0ee (patch)
tree	f1b64b20e551aef3869b4aa04c7bf3544436f067
parent	f1328ad385ded2558bbd57d3d39c4d4ad1f366fb (diff)
download	luciferreeves.github.io-865fbbd889e7712faf8f0524ca8ca6a50c2aa0ee.tar.xz luciferreeves.github.io-865fbbd889e7712faf8f0524ca8ca6a50c2aa0ee.zip