fix: improve CORS logs

2026-01-04 15:39:52 -06:00 · 2021-09-15 07:55:40 +09:30
parent d131479e98
commit 5074e2d0f7
1 changed files with 5 additions and 3 deletions
--- a/app/server.ts
+++ b/app/server.ts
@@ -92,7 +92,7 @@ const getAllowedOrigins = (): string[] => {
 	return [...new Set([
 		// Localhost - Used for GUI mode
 		`http://localhost${webuiHTTPPort ? `:${webuiHTTPPort}` : ''}`,
-		
+
 		// IP
 		`http://${localIp}${webuiHTTPPort ? `:${webuiHTTPPort}` : ''}`,
 		`https://${localIp}${webuiHTTPSPort ? `:${webuiHTTPSPort}` : ''}`,
@@ -124,7 +124,7 @@ app.use(cors({
 	origin: function (origin, callback) {
 		// Get currently allowed origins
 		const allowedOrigins = getAllowedOrigins();
-		log.debug(`Allowed origins: ${allowedOrigins.join(', ')}`);
+		log.trace(`Allowed origins: ${allowedOrigins.join(', ')}`);

 		// Disallow requests with no origin
 		// (like mobile apps, curl requests or viewing /graphql directly)
@@ -140,14 +140,16 @@ app.use(cors({
 			return;
 		}

-		log.debug(`Checking "${origin.toLowerCase()}" for CORS access.`);
+		log.debug(`📒 Checking "${origin.toLowerCase()}" for CORS access.`);

 		// Only allow known origins
 		if (!allowedOrigins.includes(origin.toLowerCase())) {
 			callback(new Error(invalidOrigin), false);
+			log.error('❌ %s is not in the allowed origins list, denying CORS!', origin.toLowerCase());
 			return;
 		}

+		log.debug('✔️ Origin check passed, granting CORS!');
 		callback(null, true);
 	}
 }));