For applications with dynamic CORS requirements, you might use environment variables or configuration files to manage allowed origins and settings.
const allowedOrigins = process.env.ALLOWED_ORIGINS.split(',');
const corsOptions = {
origin: (origin, callback) => {
if (allowedOrigins.includes(origin) || !origin) {
callback(null, true);
} else {
callback(new Error('Not allowed by CORS'));
}
},
};
Leave a Reply