restore cors header injection from #4171, run [npm travis] (#4255)

* fix: restore cors header injection from #4171 * tests: move test into describe * prettier
badges · Dec 5, 2021 · 38c1e2d · 38c1e2d
1 parent b53ac49
commit 38c1e2d
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/core/server/server.js b/core/server/server.js
@@ -506,6 +506,12 @@ class Server {
     const { apiProvider: githubApiProvider } = this.githubConstellation
     setRoutes(allowedOrigin, githubApiProvider, camp)
 
+    // https://github.com/badges/shields/issues/3273
+    camp.handle((req, res, next) => {
+      res.setHeader('Access-Control-Allow-Origin', '*')
+      next()
+    })
+
     this.registerErrorHandlers()
     this.registerRedirects()
     await this.registerServices()

diff --git a/core/server/server.spec.js b/core/server/server.spec.js
@@ -64,6 +64,12 @@ describe('The server', function () {
       expect(headers['cache-control']).to.equal('max-age=3600, s-maxage=3600')
     })
 
+    it('should return cors header for the request', async function () {
+      const { statusCode, headers } = await got(`${baseUrl}npm/v/express.svg`)
+      expect(statusCode).to.equal(200)
+      expect(headers['access-control-allow-origin']).to.equal('*')
+    })
+
     it('should redirect colorscheme PNG badges as configured', async function () {
       const { statusCode, headers } = await got(
         `${baseUrl}:fruit-apple-green.png`,
@@ -201,6 +207,12 @@ describe('The server', function () {
         .and.to.include('410')
         .and.to.include('jpg no longer available')
     })
+
+    it('should return cors header for the request', async function () {
+      const { statusCode, headers } = await got(`${baseUrl}npm/v/express.svg`)
+      expect(statusCode).to.equal(200)
+      expect(headers['access-control-allow-origin']).to.equal('*')
+    })
   })
 
   context('`requireCloudflare` is enabled', function () {