fix: hot-reload cors enabled

ory · Aug 11, 2023 · 0cfcf59 · 0cfcf59
1 parent 0bbcc35
commit 0cfcf59
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/driver/config/serve.go b/driver/config/serve.go
@@ -107,6 +107,11 @@ func (p *DefaultProvider) CORS(ctx context.Context, iface ServeInterface) (cors.
 		AllowCredentials: true,
 	})
 	opts.AllowOriginRequestFunc = func(r *http.Request, origin string) bool {
+		// if cors is not enabled, return false
+		// this enables hot-reloading on every request
+		if !p.getProvider(r.Context()).Bool(prefix + ".cors.enabled") {
+			return false
+		}
 		// load the origins from the config on every request to allow hot-reloading
 		allowedOrigins := p.getProvider(r.Context()).Strings(prefix + ".cors.allowed_origins")
 		return corsx.CheckOrigin(allowedOrigins, origin)