CORS Header (Access-Control-Allow-Origin) is missing again

Question

CORS Header (Access-Control-Allow-Origin) is missing again

Steve-xmh opened this issue a year ago · 2 comments

Description

First of all, thank you for this free and available pastebins service!

I've noticed that #225 added header Access-Control-Allow-Origin: * that I can use for uploading some temporary data via javascript, but the header is missing now without reason:

I know it will be a cash-burning work to deliver this free service. So if it's intentional I'll close this issue.

Steps to reproduce

const rawUrl = await fetch("https://dpaste.org/api/", {
    method: "POST",
    mode: "cors",
    headers: {
        "Content-Type": "application/x-www-form-urlencoded"
    },
    body: "format=url&expires=3600&filename=somedata.txt&content=testing"
});

Answer 1 · 2023-11-20T17:31:59.000Z

Hello, Yes, I've temporarily removed the CORS due to the way I implemented it. Due to how many request dpaste was getting, I was getting billed by Cloudflare per that extra request

I must admit the way I add CORS @ Cloudflare edge was a bit stupid. I've pushed the changes I was planning on doing since that request was made. Access-Control-Allow-Origin is enabled again now, and the way I implemented it is way better, because I added it in the application layer :D

Answer 2 · 2023-11-21T00:33:11.000Z

It's backed to work now. Thank you so much!