From 129d54ec4c4c2646be88363bfade100dc425d5e7 Mon Sep 17 00:00:00 2001
From: drunkenhw <drunkenhw@gmail.com>
Date: Fri, 29 Sep 2023 13:07:34 +0900
Subject: [PATCH] chore: same site

---
 .../main/java/com/carffeine/carffeine/web/CorsFilter.java    | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/backend/src/main/java/com/carffeine/carffeine/web/CorsFilter.java b/backend/src/main/java/com/carffeine/carffeine/web/CorsFilter.java
index 5169387c8..5627ea669 100644
--- a/backend/src/main/java/com/carffeine/carffeine/web/CorsFilter.java
+++ b/backend/src/main/java/com/carffeine/carffeine/web/CorsFilter.java
@@ -17,9 +17,12 @@ public class CorsFilter extends OncePerRequestFilter {
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         String origin = request.getHeader("Origin");
         log.info("origine ====={}", origin);
-        if (origin.endsWith(".carffe.in")) {
+        if (!origin.isBlank() && origin.endsWith(".carffe.in")) {
             response.setHeader("Access-Control-Allow-Origin", origin);
         }
+        if (origin.isBlank()) {
+            response.setHeader("Access-Control-Allow-Origin", "*");
+        }
         response.setHeader("Access-Control-Allow-Credentials", "true");
         response.setHeader("Access-Control-Allow-Methods", "*");
         response.setHeader("Access-Control-Max-Age", "3600");