fix: restore cors header injection from #4171

badges · May 21, 2020 · acbefa9 · acbefa9
1 parent 8ceb4f2
commit acbefa9
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/core/server/server.js b/core/server/server.js
@@ -443,6 +443,12 @@ class Server {
     const { apiProvider: githubApiProvider } = this.githubConstellation
     suggest.setRoutes(allowedOrigin, githubApiProvider, camp)
 
+    // https://github.com/badges/shields/issues/3273
+    camp.handle((req, res, next) => {
+      res.setHeader('Access-Control-Allow-Origin', '*')
+      next()
+    })
+
     this.registerErrorHandlers()
     this.registerRedirects()
     this.registerServices()

diff --git a/core/server/server.spec.js b/core/server/server.spec.js
@@ -329,4 +329,10 @@ describe('The server', function () {
       })
     })
   })
+
+  it('should return cors header for the request', async function() {
+    const { statusCode, headers } = await got(`${baseUrl}npm/v/express.svg`)
+    expect(statusCode).to.equal(200)
+    expect(headers['access-control-allow-origin']).to.equal('*')
+  })
 })