frishi/threetwo
1
0
Fork 0
Code Issues 9 Pull Requests 6 Actions Packages Projects Releases 2 Wiki Activity

🚒 Trying out nginx for CORS mitigation

Browse Source
This commit is contained in:
Rishi Ghan
2021-11-24 23:15:56 -08:00
parent 25d68edbc4
commit 95fe37e542
5 changed files with 42 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docker-compose.yml
View File

@@ -19,6 +19,7 @@ services:
depends_on:
- db
# - elasticsearch
- cors
- libraryqueue
- redis
- settings
@@ -169,6 +170,13 @@ services:
ports:
- "6379:6379"
cors:
image: shakyshane/nginx-cors
ports:
- 8050:80
environment:
- TARGET_DOMAIN=ghost
# elasticsearch:
# image: docker.elastic.co/elasticsearch/elasticsearch:7.10.0
# container_name: elasticsearch

1
package.json
View File

@@ -39,7 +39,6 @@
"compromise-dates": "^2.2.1",
"compromise-numbers": "^1.4.0",
"compromise-sentences": "^0.3.0",
"cors-anywhere": "^0.4.4",
"dayjs": "^1.10.6",
"ellipsize": "^0.1.0",
"express": "^4.17.1",

32
proxy.conf Normal file
View File

@@ -0,0 +1,32 @@
upstream api {
# Could be host.docker.internal - Docker for Mac/Windows - the host itself
# Could be your API in a appropriate domain
# Could be other container in the same network, like container_name:port
server ghost:8050;
}
server {
listen 8050;
server_name ghost;
location / {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,
X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
add_header 'Content-Type' 'application/json';
add_header 'Content-Length' 0;
return 204;
}
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,
X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
proxy_pass http://api/;
}
}

20
src/server/index.ts
View File

@@ -2,11 +2,9 @@ import express, { Request, Response, Router, Express } from "express";
import bodyParser from "body-parser";
import router from "./route";
import path from "path";
import cors_proxy from "cors-anywhere";
// call express
const app: Express = express(); // define our app using express
const host = process.env.HOST || "0.0.0.0";
// configure app to use bodyParser for
// Getting data from body of requests
@@ -29,20 +27,6 @@ app.use("/api", routes);
app.use(express.static("dist"));
app.use(express.static("public"));
// app.listen(port);
// console.log(`Server is listening on ${port}`);
app.listen(port);
cors_proxy
.createServer({
originWhitelist: [], // Allow all origins
requireHeader: ["origin", "x-requested-with"],
removeHeaders: ["cookie", "cookie2"],
})
.listen(port, host, function () {
console.log(
"ThreeTwo! Express server with CORS Anywhere running on " +
host +
":" +
port,
);
});
console.log(`Server is listening on ${port}`);

31
yarn.lock
View File

@@ -4291,14 +4291,6 @@ core-util-is@~1.0.0:
resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85"
integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==
cors-anywhere@^0.4.4:
version "0.4.4"
resolved "https://registry.yarnpkg.com/cors-anywhere/-/cors-anywhere-0.4.4.tgz#98892fcab55f408fff13a63e125135c18dc22ca8"
integrity sha512-8OBFwnzMgR4mNrAeAyOLB2EruS2z7u02of2bOu7i9kKYlZG+niS7CTHLPgEXKWW2NAOJWRry9RRCaL9lJRjNqg==
dependencies:
http-proxy "1.11.1"
proxy-from-env "0.0.1"
cors@~2.8.5:
version "2.8.5"
resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.5.tgz#eac11da51592dd86b9f06f6e7ac293b3df875d29"
@@ -5541,11 +5533,6 @@ etag@~1.8.1:
resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887"
integrity sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=
eventemitter3@1.x.x:
version "1.2.0"
resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-1.2.0.tgz#1c86991d816ad1e504750e73874224ecf3bec508"
integrity sha1-HIaZHYFq0eUEdQ5zh0Ik7PO+xQg=
eventemitter3@^3.0.0:
version "3.1.2"
resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-3.1.2.tgz#2d3d48f9c346698fce83a85d7d664e98535df6e7"
@@ -6870,14 +6857,6 @@ http-proxy-middleware@0.19.1:
lodash "^4.17.11"
micromatch "^3.1.10"
http-proxy@1.11.1:
version "1.11.1"
resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.11.1.tgz#71df55757e802d58ea810df2244019dda05ae85d"
integrity sha1-cd9VdX6ALVjqgQ3yJEAZ3aBa6F0=
dependencies:
eventemitter3 "1.x.x"
requires-port "0.x.x"
http-proxy@^1.17.0:
version "1.18.1"
resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.18.1.tgz#401541f0534884bbf95260334e72f88ee3976549"
@@ -10694,11 +10673,6 @@ proxy-addr@~2.0.5:
forwarded "0.2.0"
ipaddr.js "1.9.1"
proxy-from-env@0.0.1:
version "0.0.1"
resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-0.0.1.tgz#b27c4946e9e6d5dbadb7598a6435d3014c4cfd49"
integrity sha1-snxJRunm1dutt1mKZDXTAUxM/Uk=
prr@~1.0.1:
version "1.0.1"
resolved "https://registry.yarnpkg.com/prr/-/prr-1.0.1.tgz#d3fc114ba06995a45ec6893f484ceb1d78f5f476"
@@ -11699,11 +11673,6 @@ require-main-filename@^2.0.0:
resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-2.0.0.tgz#d0b329ecc7cc0f61649f62215be69af54aa8989b"
integrity sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==
requires-port@0.x.x:
version "0.0.1"
resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-0.0.1.tgz#4b4414411d9df7c855995dd899a8c78a2951c16d"
integrity sha1-S0QUQR2d98hVmV3YmajHiilRwW0=
requires-port@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-1.0.0.tgz#925d2601d39ac485e091cf0da5c6e694dc3dcaff"