diff options
| author | Bobby <[email protected]> | 2022-06-27 00:19:57 +0530 |
|---|---|---|
| committer | Bobby <[email protected]> | 2022-06-27 00:19:57 +0530 |
| commit | 649de0647c0df90042568771cddfbc7360780f95 (patch) | |
| tree | d01758062217c142241a2b6e52c377aef8b86d9e | |
| parent | 82e67e49f4e15c3e543c49450ab12111723f09c9 (diff) | |
| download | thatcomputerscientist-649de0647c0df90042568771cddfbc7360780f95.tar.xz thatcomputerscientist-649de0647c0df90042568771cddfbc7360780f95.zip | |
fix :scheme for content load
| -rw-r--r-- | functions/render.js | 5 | ||||
| -rw-r--r-- | server.js | 2 |
2 files changed, 5 insertions, 2 deletions
diff --git a/functions/render.js b/functions/render.js index 28a64417..a35860a1 100644 --- a/functions/render.js +++ b/functions/render.js @@ -4,7 +4,10 @@ const validationString = process.env.AUTHORIZATION_STRING; function renderRoute(req, res, page, title, protected = false, data = {}) { res.locals.messages = req.flash(); let currentDomain = req.get("host").split("."); - currentDomain = req.protocol + "://" + currentDomain.at(-2) + "." + currentDomain.at(-1); + + // get the ':scheme' from the request header + let scheme = req.headers['X-Forwarded-Proto'] || req.protocol; + currentDomain = scheme + "://" + currentDomain.at(-2) + "." + currentDomain.at(-1); jwt.verify(req.cookies.token, validationString, (err, decoded) => { if (err) { res.clearCookie("token"); @@ -28,7 +28,7 @@ app.use( ); app.use(function(req, res, next) { res.header('Access-Control-Allow-Credentials', true); - res.header('Access-Control-Allow-Origin', req.headers.origin); + res.header('Access-Control-Allow-Origin', '*'); res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE'); res.header('Access-Control-Allow-Headers', 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept'); next(); |