-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathproxy.ts
More file actions
34 lines (30 loc) · 1.13 KB
/
proxy.ts
File metadata and controls
34 lines (30 loc) · 1.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
export function proxy(request: NextRequest) {
if (request.method === "OPTIONS") {
const response = new NextResponse(null, { status: 204 });
response.headers.set("Access-Control-Allow-Origin", "*");
response.headers.set(
"Access-Control-Allow-Methods",
"GET,POST,PUT,DELETE,OPTIONS"
);
response.headers.set("Access-Control-Allow-Headers", "*");
return response;
}
const response = NextResponse.next({
headers: {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET,POST,PUT,DELETE,OPTIONS",
"Access-Control-Allow-Headers": "*",
},
});
// Allow this page to be embedded in iframes from any origin
// This is necessary when hosting in an iframe on a different domain
// Note: We don't set X-Frame-Options since it would conflict with CSP frame-ancestors
// The CSP frame-ancestors directive allows embedding from any origin
response.headers.set("Content-Security-Policy", "frame-ancestors *;");
return response;
}
export const config = {
matcher: "/:path*",
};