1

I have built a NUXT app, and I've added to it a serverMiddleware for handling some REST endpoints and connecting to my database.

serverMiddleware: [
  { path: "/api", handler: "~/api/index.js" },
],

So my question is: How to restrict accessing to /api endpoints from only few hosts ? (like having a list of ALLOWED_ORIGINS)

kissu
  • 40,416
  • 14
  • 65
  • 133
SIHEM BOUHENNICHE
  • 388
  • 2
  • 10
  • Your question is mainly focused on Express itself per-se, nothing specific to Nuxt. So, [this answer](https://stackoverflow.com/a/32481816/8816585) should be a good starting regarding the configuration of such behavior. The bigger image is to check the origin, if it's coming from an allowed place and denying/allowing it. – kissu Apr 25 '22 at 10:45
  • Thanks for your answer, setting Access-Control-Allow-Origin in header resolves my question. – SIHEM BOUHENNICHE Apr 25 '22 at 12:29
  • Perfect, feel free to mark my question as accepted if it helped you somehow. – kissu Apr 25 '22 at 23:48

1 Answers1

0

Setting Access-Control-Allow-Origin in the header solved the issue as explained more in-depth on this answer: https://stackoverflow.com/a/32481816/8816585

Since at the end, this part of Nuxt is a regular Express app.

kissu
  • 40,416
  • 14
  • 65
  • 133