From d6f94d37d8a2fcb681958e27aff550fae89a5411 Mon Sep 17 00:00:00 2001
From: Baptiste Arnaud <baptiste.arnaud95@gmail.com>
Date: Thu, 18 Jan 2024 10:25:24 +0100
Subject: [PATCH] :bug: (cors) Fix cors setting when bot is origin-restricted

---
 apps/viewer/src/features/chat/api/continueChat.ts | 6 +++++-
 apps/viewer/src/features/chat/api/startChat.ts    | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/apps/viewer/src/features/chat/api/continueChat.ts b/apps/viewer/src/features/chat/api/continueChat.ts
index 03b666dd5..438073514 100644
--- a/apps/viewer/src/features/chat/api/continueChat.ts
+++ b/apps/viewer/src/features/chat/api/continueChat.ts
@@ -55,7 +55,11 @@ export const continueChat = publicProcedure
     ) {
       if (origin && session.state.allowedOrigins.includes(origin))
         res.setHeader('Access-Control-Allow-Origin', origin)
-      else res.removeHeader('Access-Control-Allow-Origin')
+      else
+        res.setHeader(
+          'Access-Control-Allow-Origin',
+          session.state.allowedOrigins[0]
+        )
     }
 
     const {
diff --git a/apps/viewer/src/features/chat/api/startChat.ts b/apps/viewer/src/features/chat/api/startChat.ts
index b2445d13c..084dafbe6 100644
--- a/apps/viewer/src/features/chat/api/startChat.ts
+++ b/apps/viewer/src/features/chat/api/startChat.ts
@@ -59,7 +59,11 @@ export const startChat = publicProcedure
       ) {
         if (origin && newSessionState.allowedOrigins.includes(origin))
           res.setHeader('Access-Control-Allow-Origin', origin)
-        else res.removeHeader('Access-Control-Allow-Origin')
+        else
+          res.setHeader(
+            'Access-Control-Allow-Origin',
+            newSessionState.allowedOrigins[0]
+          )
       }
 
       const session = isOnlyRegistering