Skip to content

security: remove duplicated code in CORS handling

Administrator requested to merge sg/public-api-refactor-2 into main

Created by: slimsag

Stacked on top of #27295

isTrustedOrigin is a defined function which checks whether or not a request comes from a trusted origin or not, but prior to this change we had the same exact logic duplicated in our CORS handling method in order to determine if we should send Access-Control-Allow-Origin back to the client with the origin the request came from.

Much clearer to reuse the same code, and reduces the surface area that bugs could arise in.

Signed-off-by: Stephen Gutekanst [email protected]

Merge request reports

Loading