farmcontrol/farmcontrol-ws
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enhanced CORS configuration in SocketManager and added allowed origins to server settings in config.json.
Some checks reported warnings
farmcontrol/farmcontrol-ws/pipeline/head This commit is unstable
Details

Browse Source
This commit is contained in:
Tom Butcher 2026-03-06 23:54:01 +00:00
parent ddf230a20a
commit a955def849
2 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config.json
View File

@ -2,7 +2,8 @@
"development": { "development": {
"server": { "server": {
"port": 9090, "port": 9090,
"logLevel": "trace" "logLevel": "trace",
"corsOrigins": ["https://web.farmcontrol.app", "https://dev.tombutcher.work", "http://localhost:5173", "http://localhost:3000"]
}, },
"auth": { "auth": {
"enabled": true, "enabled": true,

15
src/socket/socketmanager.js
View File

@ -21,11 +21,20 @@ export class SocketManager {
this.templateManager = new TemplateManager(this); this.templateManager = new TemplateManager(this);
// Use the provided HTTP server // Use the provided HTTP server
// Create Socket.IO server // Create Socket.IO server - CORS applies to HTTP long-polling transport
const allowedOrigins = config.server.corsOrigins || ['*'];
const io = new Server(server, { const io = new Server(server, {
cors: { cors: {
origin: config.server.corsOrigins || '*', origin: (origin, callback) => {
methods: ['GET', 'POST'] // Allow requests with no origin (e.g. same-origin, Postman, native apps)
if (!origin) return callback(null, true);
if (allowedOrigins.includes('*')) return callback(null, true);
if (allowedOrigins.includes(origin)) return callback(null, origin);
callback(new Error('CORS not allowed'));
},
methods: ['GET', 'POST'],
credentials: true,
allowedHeaders: ['Content-Type', 'Authorization']
} }
}); });