From b24894d98f30107ffa31b2a25c804d94f4995c48 Mon Sep 17 00:00:00 2001 From: nai-degen Date: Mon, 22 May 2023 20:29:49 -0500 Subject: [PATCH] fixes origin block response to account for clients sending bad headers --- src/proxy/check-origin.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/proxy/check-origin.ts b/src/proxy/check-origin.ts index edd1ae6..49ef9b3 100644 --- a/src/proxy/check-origin.ts +++ b/src/proxy/check-origin.ts @@ -15,7 +15,7 @@ export const checkOrigin: RequestHandler = (req, res, next) => { { origin: req.headers.origin, referer: req.headers.referer }, "Blocked request from origin or referer" ); - if (!req.accepts("html")) { + if (!req.accepts("html") || req.accepts("*/*")) { return res.status(403).json({ error: { type: "blocked_origin", message: config.blockMessage }, });