From c74bfb4394466228b1ad831fbfb017606e631a4b Mon Sep 17 00:00:00 2001 From: Carsten Graf Date: Mon, 8 Sep 2025 18:02:00 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20Fix=20CORS:=20Allow=20all=20orig?= =?UTF-8?q?ins=20for=20development?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Simplified CORS configuration to allow all origins (*) - Removed origin restrictions for easier development - Fixed CORS preflight request handling - Now allows requests from any domain including 192.168.1.96 --- server.js | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/server.js b/server.js index 090ac81..a6271ff 100644 --- a/server.js +++ b/server.js @@ -48,6 +48,23 @@ const io = new Server(server, { // MIDDLEWARE SETUP // ============================================================================ +// CORS Configuration - Allow all origins for development +app.use((req, res, next) => { + // Allow all origins + res.setHeader('Access-Control-Allow-Origin', '*'); + res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS, PATCH'); + res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization, X-API-Key'); + res.setHeader('Access-Control-Max-Age', '86400'); // 24 hours + + // Handle preflight requests + if (req.method === 'OPTIONS') { + res.status(200).end(); + return; + } + + next(); +}); + // Body Parser Middleware app.use(express.json({ limit: '10mb' })); app.use(express.urlencoded({ extended: true, limit: '10mb' })); @@ -57,7 +74,7 @@ app.use(session({ secret: process.env.SESSION_SECRET || 'kjhdizr3lhwho8fpjslgf825Ɵ0hsd', resave: false, saveUninitialized: false, - cookie: { + cookie: { secure: false, // Set to true when using HTTPS maxAge: 24 * 60 * 60 * 1000, // 24 hours httpOnly: true // Security: prevent XSS attacks @@ -205,7 +222,7 @@ app.use('/login', express.static('public')); */ io.on('connection', (socket) => { // Client connected - connection is established - + socket.on('disconnect', () => { // Client disconnected - cleanup if needed }); @@ -271,13 +288,13 @@ server.listen(port, () => { */ process.on('SIGINT', async () => { console.log('\nšŸ›‘ Server wird heruntergefahren...'); - + // Close server gracefully server.close(() => { console.log('āœ… Server erfolgreich heruntergefahren'); process.exit(0); }); - + // Force exit after 5 seconds if graceful shutdown fails setTimeout(() => { console.log('āš ļø Forced shutdown after timeout');