reptil1990/Ninjaserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔧 Fix CORS: Allow all origins for development

Browse Source 
- Simplified CORS configuration to allow all origins (*)
- Removed origin restrictions for easier development
- Fixed CORS preflight request handling
- Now allows requests from any domain including 192.168.1.96
This commit is contained in:
Carsten Graf
2025-09-08 18:02:00 +02:00
parent c347ddb7b4
commit c74bfb4394
1 changed files with 21 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
server.js
View File

@@ -48,6 +48,23 @@ const io = new Server(server, {
// MIDDLEWARE SETUP
// ============================================================================
// CORS Configuration - Allow all origins for development
app.use((req, res, next) => {
// Allow all origins
res.setHeader('Access-Control-Allow-Origin', '*');
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS, PATCH');
res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization, X-API-Key');
res.setHeader('Access-Control-Max-Age', '86400'); // 24 hours
// Handle preflight requests
if (req.method === 'OPTIONS') {
res.status(200).end();
return;
}
next();
});
// Body Parser Middleware
app.use(express.json({ limit: '10mb' }));
app.use(express.urlencoded({ extended: true, limit: '10mb' }));
@@ -57,7 +74,7 @@ app.use(session({
secret: process.env.SESSION_SECRET || 'kjhdizr3lhwho8fpjslgf825ß0hsd',
resave: false,
saveUninitialized: false,
cookie: {
cookie: {
secure: false, // Set to true when using HTTPS
maxAge: 24 * 60 * 60 * 1000, // 24 hours
httpOnly: true // Security: prevent XSS attacks
@@ -205,7 +222,7 @@ app.use('/login', express.static('public'));
*/
io.on('connection', (socket) => {
// Client connected - connection is established
socket.on('disconnect', () => {
// Client disconnected - cleanup if needed
});
@@ -271,13 +288,13 @@ server.listen(port, () => {
*/
process.on('SIGINT', async () => {
console.log('\n🛑 Server wird heruntergefahren...');
// Close server gracefully
server.close(() => {
console.log('✅ Server erfolgreich heruntergefahren');
process.exit(0);
});
// Force exit after 5 seconds if graceful shutdown fails
setTimeout(() => {
console.log('⚠️ Forced shutdown after timeout');