From e99a03048aec81157b8cf93268d3eba6fdbc3d07 Mon Sep 17 00:00:00 2001
From: "PC-ROGE\\c" <northearts@gmail.com>
Date: Mon, 24 Apr 2023 15:12:07 +0300
Subject: [PATCH] all origin allowed for cors

---
 app.js                  | 2 +-
 src/middlewares/cors.js | 9 +++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/app.js b/app.js
index e3d5d42..1fcb0c8 100644
--- a/app.js
+++ b/app.js
@@ -18,7 +18,7 @@ const {error_handler} = require('./src/middlewares/error_handler')
 
 app.options(options)
 
-app.use(cors({origin: "*"})) // for any address
+app.use(cors)
 
 app.use(helmet())
 
diff --git a/src/middlewares/cors.js b/src/middlewares/cors.js
index 755106a..05e4967 100644
--- a/src/middlewares/cors.js
+++ b/src/middlewares/cors.js
@@ -7,12 +7,13 @@ const options = (req, res) => {
 }
 
 const cors = (req, res, next) => {
-    const {origin} = req.headers
-    if (allowed_cors.includes(origin)) {
-        res.setHeader('Access-Control-Allow-Origin', origin)
-    }
+    // const {origin} = req.headers
+    // if (allowed_cors.includes(origin)) {
+    //     res.setHeader('Access-Control-Allow-Origin', origin)
+    // }
     res.setHeader('Access-Control-Allow-Credentials', true)
     res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type')
+    res.setHeader("Access-Control-Allow-Origin", "*")
     next()
 }