Embed script deployment fixes (#37)

* Don't EncodeURIComponent * Fix CORS * Explicitly define CORS header
2023-03-03 09:13:53 -05:00 · 2023-03-03 09:13:53 -05:00 · f4b9ed39ab
parent 83938f73b5
commit f4b9ed39ab
3 changed files with 5 additions and 6 deletions
--- a/api/app.js
+++ b/api/app.js
@ -11,10 +11,6 @@ app.use("/api", apiRoutes);

 app.use((req, res, next) => {
  res.header("Access-Control-Allow-Origin", "*");
-  res.header(
-    "Access-Control-Allow-Headers",
-    "Origin, X-Requested-With, Content-Type, Accept, Authorization"
-  );

  next();
 });
--- a/api/routes.js
+++ b/api/routes.js
@ -23,10 +23,11 @@ router.get("/:handle([0-9]+.[0-9]+.[0-9]+/[0-9]+)", async (req, res) => {
      return res.status(500).json(responseData);
    }

+    res.header("Access-Control-Allow-Origin", "*");
+
    res.status(200).json({
      items: responseData,
    });
-
  } catch (e) {
    console.error(e);
    return res.status(500).json({ error: "Internal server error" });
@ -50,6 +51,8 @@ router.get("/:handle([0-9]+.[0-9]+.[0-9]+/[0-9]+)/ngrams", async (req, res) => {
      return res.status(500).json(responseData);
    }

+    res.header("Access-Control-Allow-Origin", "*");
+
    return res.status(200).json(responseData);
  } catch (e) {
    return res.status(500).json({ error: "Internal server error" });
--- a/embed-script/embed.js
+++ b/embed-script/embed.js
@ -9,7 +9,7 @@ async function mountSuggestions() {
    return;
  }

-  const url = (handle) => FETCH_URL_HOST + "/api/" + encodeURIComponent(handle);
+  const url = (handle) => FETCH_URL_HOST + "/api/" + handle;

  // get handle from property on mount element
  // TODO also get from URL