@@ -23,6 +23,10 @@ export async function handleProxyRequest(request, env = {}) {
2323 return jsonResponse ( { ok : true } , 200 , config ) ;
2424 }
2525
26+ if ( requestUrl . pathname === "/ai/health" ) {
27+ return jsonResponse ( { ok : true , ai : true } , 200 , config ) ;
28+ }
29+
2630 if ( requestUrl . pathname === "/ai/responses" ) {
2731 return handleAiRequest ( request , config ) ;
2832 }
@@ -126,6 +130,7 @@ export function readProxyConfig(env = {}) {
126130 return {
127131 env,
128132 allowOrigin : String ( env . ALLOW_ORIGIN || "*" ) ,
133+ allowCredentials : isTruthy ( env . ALLOW_CREDENTIALS ) ,
129134 allowedHosts : parseAllowedHosts ( env . ALLOWED_HOSTS || "" ) ,
130135 maxBytes : positiveNumber ( env . MAX_BYTES , DEFAULT_MAX_BYTES ) ,
131136 } ;
@@ -230,13 +235,23 @@ function positiveNumber(value, fallback) {
230235 return Number . isFinite ( parsed ) && parsed > 0 ? parsed : fallback ;
231236}
232237
238+ function isTruthy ( value ) {
239+ return [ "1" , "true" , "yes" , "on" ] . includes ( String ( value || "" ) . trim ( ) . toLowerCase ( ) ) ;
240+ }
241+
233242function corsHeaders ( config ) {
234- return {
243+ const headers = {
235244 "access-control-allow-origin" : config . allowOrigin ,
236245 "access-control-allow-methods" : "GET, POST, OPTIONS" ,
237246 "access-control-allow-headers" : "content-type" ,
238247 vary : "origin" ,
239248 } ;
249+
250+ if ( config . allowCredentials && config . allowOrigin !== "*" ) {
251+ headers [ "access-control-allow-credentials" ] = "true" ;
252+ }
253+
254+ return headers ;
240255}
241256
242257function jsonResponse ( payload , status , config ) {
0 commit comments