From d0dfba27dc8509152db5e9b18d1ef152d976d406 Mon Sep 17 00:00:00 2001 From: imsyy Date: Tue, 5 Nov 2024 15:56:11 +0800 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20feat:=20=E6=94=AF=E6=8C=81=E6=B3=9B?= =?UTF-8?q?=E5=9F=9F=E5=90=8D=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .env | 6 +++++- src/app.tsx | 6 +++++- src/config.ts | 2 ++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/.env b/.env index 69a7f4d1..fcec0173 100644 --- a/.env +++ b/.env @@ -2,7 +2,11 @@ PORT = 6688 # 允许的域名 -ALLOWED_DOMAIN = "*" +ALLOWED_DOMAIN = "https://api-hot.imsyy.top" + +# 允许的主域名,请填写为 imsyy.top +## 若填写该项,将忽略 ALLOWED_DOMAIN +ALLOWED_HOST = "imsyy.top" # ROBOT DISALLOW_ROBOT = true diff --git a/src/app.tsx b/src/app.tsx index 2f3674a7..336eec98 100644 --- a/src/app.tsx +++ b/src/app.tsx @@ -28,7 +28,11 @@ app.use( "*", cors({ // 可写为数组 - origin: config.ALLOWED_DOMAIN, + origin: (origin) => { + // 是否指定域名 + const isSame = origin.endsWith(config.ALLOWED_HOST); + return isSame ? origin : config.ALLOWED_DOMAIN; + }, allowMethods: ["POST", "GET", "OPTIONS"], allowHeaders: ["X-Custom-Header", "Upgrade-Insecure-Requests"], credentials: true, diff --git a/src/config.ts b/src/config.ts index bfaf548f..9f66ffd4 100644 --- a/src/config.ts +++ b/src/config.ts @@ -9,6 +9,7 @@ export type Config = { CACHE_TTL: number; REQUEST_TIMEOUT: number; ALLOWED_DOMAIN: string; + ALLOWED_HOST: string; USE_LOG_FILE: boolean; RSS_MODE: boolean; }; @@ -45,6 +46,7 @@ export const config: Config = { CACHE_TTL: getNumericEnvVariable("CACHE_TTL", 3600), REQUEST_TIMEOUT: getNumericEnvVariable("CACHE_TTL", 6000), ALLOWED_DOMAIN: getEnvVariable("ALLOWED_DOMAIN") || "*", + ALLOWED_HOST: getEnvVariable("ALLOWED_HOST") || "imsyy.top", USE_LOG_FILE: getBooleanEnvVariable("USE_LOG_FILE", true), RSS_MODE: getBooleanEnvVariable("RSS_MODE", false), };