MCPcopy Index your code
hub / github.com/ZenNotes/zennotes / logCORSRejection

Method logCORSRejection

apps/server/internal/httpserver/security.go:353–358  ·  view source on GitHub ↗

logCORSRejection emits one log line per unique origin so a misconfigured ZENNOTES_ALLOWED_ORIGINS surfaces in operator logs instead of silently failing in the browser.

(origin string)

Source from the content-addressed store, hash-verified

351// misconfigured ZENNOTES_ALLOWED_ORIGINS surfaces in operator logs
352// instead of silently failing in the browser.
353func (s *Server) logCORSRejection(origin string) {
354 if _, loaded := s.loggedOrigins.LoadOrStore(origin, struct{}{}); loaded {
355 return
356 }
357 log.Printf("CORS rejected origin %q; add it to ZENNOTES_ALLOWED_ORIGINS to allow it", origin)
358}
359
360func contentSecurityPolicy() string {
361 return strings.Join([]string{

Callers 1

corsMiddlewareMethod · 0.95

Calls

no outgoing calls

Tested by

no test coverage detected