v0.1.9 - Always use Access-Control-Allow-Origin: *

Fixes #6
2026-05-13 23:16:51 +00:00 · 2014-03-12 18:18:08 +01:00
parent 7983d1e7ae
commit beadd3fe77
2 changed files with 2 additions and 3 deletions
--- a/lib/cors-anywhere.js
+++ b/lib/cors-anywhere.js
@@ -51,8 +51,7 @@ function isValidHostName(hostname) {
 * @param request {ServerRequest}
 */
 function withCORS(headers, request) {
-  var origin = request.headers.origin || 'null';
-  headers['access-control-allow-origin'] = origin === 'null' ? '*' : origin;
+  headers['access-control-allow-origin'] = '*';
  if (request.headers['access-control-request-method']) {
    headers['access-control-allow-methods'] = request.headers['access-control-request-method'];
    delete request.headers['access-control-request-method'];