From 7d9a20ed852027fb610ba5606eff68c0c5390658 Mon Sep 17 00:00:00 2001
From: Roland Bernard <rolbernard@unibz.it>
Date: Sun, 16 May 2021 23:07:38 +0200
Subject: [PATCH] Fixed the CORS headers if no origin is provided

---
 server/src/headers.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/server/src/headers.ts b/server/src/headers.ts
index dd015a6..1361b27 100644
--- a/server/src/headers.ts
+++ b/server/src/headers.ts
@@ -6,7 +6,11 @@ import { allowedOrigins } from './config';
 export function addDefaultHeaders(req: Request, res: Response, next: NextFunction) {
     const origin = req.header('Origin');
     if (allowedOrigins.includes('*') || origin && allowedOrigins.includes(origin)) {
-        res.header('Access-Control-Allow-Origin', origin);
+        if (origin) {
+            res.header('Access-Control-Allow-Origin', origin);
+        } else {
+            res.header('Access-Control-Allow-Origin', '*');
+        }
         const headers = req.header('Access-Control-Request-Headers');
         if (headers) {
             res.header('Access-Control-Allow-Headers', headers);
-- 
GitLab