rixty/SillyTavern
1
0
Fork 0
mirror of https://github.com/SillyTavern/SillyTavern.git synced 2025-06-05 21:59:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply CORS Settings

Browse Source
This commit is contained in:
10sa
2023-02-14 20:05:51 +09:00
parent 9490c898c9
commit 1041fb77f7
2 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
server.js
View File

@@ -17,9 +17,8 @@ sharp.cache(false);
const path = require('path');
const cookieParser = require('cookie-parser');
const crypto = require('crypto');
const doubleCsrf = require('csrf-csrf').doubleCsrf;
const config = require('./config.json');
const server_port = config.port;
@@ -54,6 +53,9 @@ var is_colab = false;
const jsonParser = express.json({limit: '100mb'});
const urlencodedParser = express.urlencoded({extended: true, limit: '100mb'});
// CSRF Protection //
const doubleCsrf = require('csrf-csrf').doubleCsrf;
const CSRF_SECRET = crypto.randomBytes(8).toString('hex');
const COOKIES_SECRET = crypto.randomBytes(8).toString('hex');
@@ -77,6 +79,15 @@ app.get("/csrf-token", (req, res) => {
app.use(cookieParser(COOKIES_SECRET));
app.use(doubleCsrfProtection);
// CORS Settings //
const cors = require('cors');
const CORS = cors({
origin: 'null',
methods: ['OPTIONS']
})
app.use(CORS);
app.use(function (req, res, next) { //Security
const clientIp = req.connection.remoteAddress.split(':').pop();
if (whitelistMode === true && !whitelist.includes(clientIp)) {