hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix headers for new installs

Browse Source 
encodeURI(undefined) === "undefined"
v1.18.x
barisusakli 8 years ago
parent 12d46ca441
commit 6beacdb80c
1 changed files with 6 additions and 17 deletions
Show Stats Download Patch File Download Diff File

23
src/middleware/headers.js
Unescape Escape View File

@ -1,31 +1,20 @@
'use strict';
var _ = require('underscore');
var meta = require('../meta');
module.exports = function (middleware) {
middleware.addHeaders = function (req, res, next) {
var defaults = {
'X-Powered-By': 'NodeBB',
'X-Frame-Options': 'SAMEORIGIN',
'Access-Control-Allow-Origin': 'null' // yes, string null.
};
var headers = {
'X-Powered-By': encodeURI(meta.config['powered-by']),
'X-Frame-Options': meta.config['allow-from-uri'] ? 'ALLOW-FROM ' + encodeURI(meta.config['allow-from-uri']) : undefined,
'Access-Control-Allow-Origin': encodeURI(meta.config['access-control-allow-origin']),
'Access-Control-Allow-Methods': encodeURI(meta.config['access-control-allow-methods']),
'Access-Control-Allow-Headers': encodeURI(meta.config['access-control-allow-headers'])
'X-Powered-By': encodeURI(meta.config['powered-by'] || 'NodeBB'),
'X-Frame-Options': meta.config['allow-from-uri'] ? 'ALLOW-FROM ' + encodeURI(meta.config['allow-from-uri']) : 'SAMEORIGIN',
'Access-Control-Allow-Origin': encodeURI(meta.config['access-control-allow-origin'] || 'null'),
'Access-Control-Allow-Methods': encodeURI(meta.config['access-control-allow-methods'] || ''),
'Access-Control-Allow-Headers': encodeURI(meta.config['access-control-allow-headers'] || '')
};
_.defaults(headers, defaults);
headers = _.pick(headers, Boolean); // Remove falsy headers
for (var key in headers) {
if (headers.hasOwnProperty(key)) {
if (headers.hasOwnProperty(key) && headers[key]) {
res.setHeader(key, headers[key]);
}
}

Write Preview
Loading…
Cancel
Save