fix(server): use cors lib

Author: RetricSu

frontend/vite.config.ts

@@ -8,7 +8,7 @@ export default defineConfig({
     },
     define: {
         "import.meta.env.VITE_HTTP_API_URL": JSON.stringify(
-            "http://13.251.229.198:3000", //"http://localhost:3000",
+            "https://ckb-tx-elevator-api.ckbapp.dev", //"http://13.251.229.198:3000", //"http://localhost:3000",
         ),
     },
 });

package.json

@@ -22,6 +22,7 @@
     "license": "ISC",
     "devDependencies": {
         "@biomejs/biome": "^1.9.4",
+        "@types/cors": "^2.8.17",
         "@types/express": "^5.0.0",
         "@types/node": "^22.10.2",
         "@types/ws": "^8.5.13",
@@ -33,6 +34,7 @@
         "@ckb-ccc/core": "^1.2.1",
         "@types/better-sqlite3": "^7.6.12",
         "better-sqlite3": "^11.7.2",
+        "cors": "^2.8.5",
         "dotenv": "^16.4.7",
         "express": "^4.21.2",
         "winston": "^3.17.0",

pnpm-lock.yaml

@@ -3,24 +3,18 @@ import express, { type Request, type Response } from "express";
 import { Config } from "../core/config";
 import type { DB } from "../db";
 import { logger } from "../util/logger";
+import cors from "cors";
 
 export function createServer(db: DB) {
     const app = express();
 
-    app.use((_req, res, next) => {
-        for (const origin of Config.allowOrigin) {
-            res.header("Access-Control-Allow-Origin", origin);
-        }
-        if (Config.allowOrigin.length > 0) {
-            res.header(
-                "Access-Control-Allow-Methods",
-                "GET, POST, PUT, DELETE",
-            );
-            res.header("Access-Control-Allow-Headers", "Content-Type");
-        }
-
-        next();
-    });
+    app.use(
+        cors({
+            origin: Config.allowOrigin,
+            methods: "GET, POST, PUT, DELETE",
+            allowedHeaders: "Content-Type",
+        }),
+    );
 
     app.get("/pending-txs", async (_req: Request, res: Response) => {
         const transactions = db.getPendingTransactions();