From 32ce771911bf4356625cd853b2d69566aacd9601 Mon Sep 17 00:00:00 2001
From: advplyr <advplyr@protonmail.com>
Date: Wed, 22 Nov 2023 12:37:18 -0600
Subject: [PATCH] Allow cors while in development

---
 server/Server.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/server/Server.js b/server/Server.js
index 1397bbd1..e7be5492 100644
--- a/server/Server.js
+++ b/server/Server.js
@@ -138,11 +138,13 @@ class Server {
      * The mobile app ereader is using fetch api in Capacitor that is currently difficult to switch to native requests
      * so we have to allow cors for specific origins to the /api/items/:id/ebook endpoint
      * @see https://ionicframework.com/docs/troubleshooting/cors
+     * 
+     * Running in development allows cors to allow testing the mobile apps in the browser 
      */
     app.use((req, res, next) => {
-      if (req.path.match(/\/api\/items\/([a-z0-9-]{36})\/ebook(\/[0-9]+)?/)) {
+      if (Logger.isDev || req.path.match(/\/api\/items\/([a-z0-9-]{36})\/ebook(\/[0-9]+)?/)) {
         const allowedOrigins = ['capacitor://localhost', 'http://localhost']
-        if (allowedOrigins.some(o => o === req.get('origin'))) {
+        if (Logger.isDev || allowedOrigins.some(o => o === req.get('origin'))) {
           res.header('Access-Control-Allow-Origin', req.get('origin'))
           res.header("Access-Control-Allow-Methods", 'GET, POST, PATCH, PUT, DELETE, OPTIONS')
           res.header('Access-Control-Allow-Headers', '*')