Skip to content

incorrect jsdoc and tor browser broken cors #60

New issue
New issue
Open
Open
incorrect jsdoc and tor browser broken cors#60
Labels
bugSomething isn't working
@chefnaphtha

Description

@chefnaphtha
chefnaphtha
opened on Dec 16, 2024

What version of Elysia is running?

No response

What platform is your computer?

No response

What steps can reproduce the bug?

tor browser has network.http.referer.hideOnionSource set to true in about:config, which sets the Origin header to 'null'. the jsdoc claims:

     * @default `true`
     *
     * Assign the **Access-Control-Allow-Origin** header.
     *
     * Value can be one of the following:
     * - `string` - String of origin which will be directly assign to `Access-Control-Allow-Origin`
     *
     * - `boolean` - If set to true, `Access-Control-Allow-Origin` will be set to `*` (accept all origin)

this is wrong, true in fact tries to mirror the request's Origin header before setting to * (if Origin is not set). however, on tb, Origin is in fact set, to the string null. this breaks cors

elysia-cors/src/index.ts

Line 245 in de56acd

request.headers.get('Origin') || '*'

What is the expected behavior?

No response

What do you see instead?

No response

Additional information

No response

Have you try removing the node_modules and bun.lockb and try again yet?

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions