From 8a7a0695c43effcc1fe06060ee4b0c7ec6a4083c Mon Sep 17 00:00:00 2001
From: Zak Burke <zburke@ebsco.com>
Date: Thu, 22 Aug 2024 15:25:55 -0400
Subject: [PATCH] reset Access-Control-Allow-* headers to avoid CORS issues

---
 lib/commands/serve.js |  2 +-
 lib/run-proxy.js      | 11 +++++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/commands/serve.js b/lib/commands/serve.js
index 00300e2..12fa330 100644
--- a/lib/commands/serve.js
+++ b/lib/commands/serve.js
@@ -52,7 +52,7 @@ function serveCommand(argv) {
 
   if (argv.startProxy) {
     console.info('starting proxy');
-    childProcess.fork(path.resolve(context.cliRoot, './lib/run-proxy.js'), [argv.okapi, argv.proxyPort]);
+    childProcess.fork(path.resolve(context.cliRoot, './lib/run-proxy.js'), [argv.okapi, argv.proxyPort, argv.port]);
     // if we're using a proxy server - we need to pass the proxy host as okapi to Stripes platform
     replaceArgvOkapiWithProxyURL(argv);
   }
diff --git a/lib/run-proxy.js b/lib/run-proxy.js
index 31e62a1..7668636 100644
--- a/lib/run-proxy.js
+++ b/lib/run-proxy.js
@@ -4,14 +4,21 @@ const { createProxyMiddleware } = require('http-proxy-middleware');
 const app = express();
 
 const OKAPI = process.argv[2];
-const PORT = process.argv[3];
+const PROXY_PORT = process.argv[3];
+const PORT = process.argv[4];
 
 app.use(
   '/',
   createProxyMiddleware({
     target: OKAPI,
     changeOrigin: true,
+    on: {
+      proxyRes: (proxyRes) => {
+        proxyRes.headers['Access-Control-Allow-Origin'] = `http://localhost:${PORT}`;
+        proxyRes.headers['Access-Control-Allow-Credentials'] = 'true';
+      },
+    },
   }),
 );
 
-app.listen(PORT);
+app.listen(PROXY_PORT);