diff --git a/__tests__/api.ts b/__tests__/api.ts index a846a288..3d0869db 100644 --- a/__tests__/api.ts +++ b/__tests__/api.ts @@ -79,6 +79,7 @@ describe('setting of response header `Access-Control-Allow-Origin`', () => { 'http://localhost:3000', 'http://localhost:3001', 'https://frontend-7md9ymhyw-serlo.vercel.app', + 'https://chancencampus.org', ] describe('when we are in the staging environment, the same value is sent back in `Access-Control-Allow-Origin`', () => { @@ -94,7 +95,7 @@ describe('setting of response header `Access-Control-Allow-Origin`', () => { }) }) - describe('when we are in the production environment, the current domain is sent back in `Access-Control-Allow-Origin`', () => { + describe('when we are in the production environment, the current domain or chancencampus.org is sent back in `Access-Control-Allow-Origin`', () => { test.each(domains)('when `Origin` is `%s`', async (origin) => { const env = currentTestEnvironmentWhen( (conf) => conf.ENVIRONMENT === 'production', @@ -103,9 +104,15 @@ describe('setting of response header `Access-Control-Allow-Origin`', () => { const response = await fetchApi({ headers: { Origin: origin } }, env) - expect(response.headers.get('Access-Control-Allow-Origin')).toBe( - `https://${env.getDomain()}`, - ) + if (origin == 'https://chancencampus.org') { + expect(response.headers.get('Access-Control-Allow-Origin')).toBe( + 'https://chancencampus.org', + ) + } else { + expect(response.headers.get('Access-Control-Allow-Origin')).toBe( + `https://${env.getDomain()}`, + ) + } }) }) }) diff --git a/src/api.ts b/src/api.ts index 16795dec..ee6c3bc2 100644 --- a/src/api.ts +++ b/src/api.ts @@ -73,7 +73,8 @@ function getAllowedOrigin(requestOrigin: string | null, env: CFEnvironment) { url.port === '8000' || url.port === '8080')) || url.hostname.includes('-serlo.vercel.app'))) || - url.hostname.includes('.adornis.de') + url.hostname.includes('.adornis.de') || + url.domain === 'chancencampus.org' ) { return requestOrigin }