github/socket.io
1
1
Fork 0
mirror of https://github.com/socketio/socket.io.git synced 2026-04-30 03:00:39 -04:00
Code Issues Packages Projects Releases Wiki Activity

fix: do not overwrite CORS headers upon error

Browse Source 
The Access-Control-Allow-xxx headers added by the cors middleware were
overwritten when sending an error response.

Those lines should have been removed in [1].

[1]: 61b949259e

Related: https://github.com/socketio/engine.io/issues/605
This commit is contained in:
Damien Arrachequesne
2020-10-21 00:46:32 +02:00
parent f9c0e74b14
commit fe093bae1a
2 changed files with 24 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/server.js
View File

@@ -475,12 +475,6 @@ function sendErrorMessage(req, res, code) {
);
return;
}
if (req.headers.origin) {
headers["Access-Control-Allow-Credentials"] = "true";
headers["Access-Control-Allow-Origin"] = req.headers.origin;
} else {
headers["Access-Control-Allow-Origin"] = "*";
}
if (res !== undefined) {
res.writeHead(400, headers);
res.end(