pezkuwichain/pwap
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pwap.git synced 2026-04-22 10:17:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: fetch collators from parachains and restrict CORS to production domains

Browse Source 
- NetworkStats now queries Asset Hub and People Chain for collator data
  instead of relay chain (where collatorSelection doesn't exist)
- Restrict Edge Functions CORS to app.pezkuwichain.io domains only
- Add Access-Control-Allow-Credentials header for secure cross-origin requests
This commit is contained in:
Kurdistan Tech Ministry
2026-02-06 06:00:01 +03:00
parent bb61e50794
commit f4f50e7abf
4 changed files with 66 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
web/supabase/functions/process-withdrawal/index.ts
+12 -2
View File
@@ -177,10 +177,20 @@ async function processWithdrawal(
* Main handler
*/
serve(async (req: Request) => {
// CORS headers
// Allowed origins for CORS
const ALLOWED_ORIGINS = [
'https://app.pezkuwichain.io',
'https://www.pezkuwichain.io',
'https://pezkuwichain.io',
]
const requestOrigin = req.headers.get('Origin')
const allowedOrigin = requestOrigin && ALLOWED_ORIGINS.includes(requestOrigin) ? requestOrigin : ALLOWED_ORIGINS[0]
const headers = {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Origin": allowedOrigin,
"Access-Control-Allow-Headers": "authorization, x-client-info, apikey, content-type",
"Access-Control-Allow-Credentials": "true",
"Content-Type": "application/json",
};