fixes origin block response to account for clients sending bad headers

This commit is contained in:
nai-degen 2023-05-22 20:29:49 -05:00
parent 26a6e4cadb
commit b24894d98f
1 changed files with 1 additions and 1 deletions

View File

@ -15,7 +15,7 @@ export const checkOrigin: RequestHandler = (req, res, next) => {
{ origin: req.headers.origin, referer: req.headers.referer },
"Blocked request from origin or referer"
);
if (!req.accepts("html")) {
if (!req.accepts("html") || req.accepts("*/*")) {
return res.status(403).json({
error: { type: "blocked_origin", message: config.blockMessage },
});