David
David
PostsComments
WWasp-lang
Created by David on 7/30/2024 in #đŸ™‹questions
Deployed /auth/me blocked by CORS policy
I've just deployed my app using wasp cli to fly.io but I get this error when opening my site from Google Chrome (works fine on Safari): 
Access to XMLHttpRequest at 'https://foobar-server.fly.dev/auth/me' from origin 'https://www.foobar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Access to XMLHttpRequest at 'https://foobar-server.fly.dev/auth/me' from origin 'https://www.foobar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I set environment variables and the email sender works just fine. Did I miss something? Or should I try adding global middleware? If so, could someone explain the origins here? Do I put in my fly io links/actual domain/domain with www? 
import cors from 'cors'
import { config, type MiddlewareConfigFn } from 'wasp/server'

export const serverMiddlewareFn: MiddlewareConfigFn = (middlewareConfig) => {
  // Example of adding an extra domains to CORS.
  middlewareConfig.set('cors', cors({ origin: [config.frontendUrl, 'https://example1.com', 'https://example2.com'] }))
  return middlewareConfig
}
import cors from 'cors'
import { config, type MiddlewareConfigFn } from 'wasp/server'

export const serverMiddlewareFn: MiddlewareConfigFn = (middlewareConfig) => {
  // Example of adding an extra domains to CORS.
  middlewareConfig.set('cors', cors({ origin: [config.frontendUrl, 'https://example1.com', 'https://example2.com'] }))
  return middlewareConfig
}
42 replies
WWasp-lang
Created by David on 4/29/2024 in #đŸ™‹questions
File upload size limit
I'm trying to implement max file upload size to the s3 bucket. I've handled the front-end but I worry that more advanced users could bypass this and spam my s3 bucket. Here is what I've been trying on the backend (just added the conditions) but it still uploads files greater than MAX_UPLOAD_SIZE (1 * 1024 * 1024): 
export const getUploadFileSignedURLFromS3 = async ({fileType, userInfo}: S3Upload) => {
    const ex = fileType.split('/')[1];
    const Key = `${userInfo}/${randomUUID()}.${ex}`;
    const Conditions = [
        ["content-length-range", 1, MAX_UPLOAD_SIZE]
    ];

    const s3Params = {
        Bucket: process.env.AWS_S3_FILES_BUCKET,
        Key,
        Conditions,
        ContentType: `${fileType}`
    };

    const command = new PutObjectCommand(s3Params);
    const uploadUrl = await getSignedUrl(s3Client, command, { expiresIn: 3600, });
    
    return { uploadUrl, key: Key };
}
export const getUploadFileSignedURLFromS3 = async ({fileType, userInfo}: S3Upload) => {
    const ex = fileType.split('/')[1];
    const Key = `${userInfo}/${randomUUID()}.${ex}`;
    const Conditions = [
        ["content-length-range", 1, MAX_UPLOAD_SIZE]
    ];

    const s3Params = {
        Bucket: process.env.AWS_S3_FILES_BUCKET,
        Key,
        Conditions,
        ContentType: `${fileType}`
    };

    const command = new PutObjectCommand(s3Params);
    const uploadUrl = await getSignedUrl(s3Client, command, { expiresIn: 3600, });
    
    return { uploadUrl, key: Key };
}
28 replies