From b580db3fb017983caf5287ae7bbdd024a1126c8c Mon Sep 17 00:00:00 2001 From: pac7 <47831526-pac7@users.noreply.replit.com> Date: Wed, 8 Oct 2025 20:23:01 +0000 Subject: [PATCH] Improve error handling and stability across the application Refactor error handling in `useEntityVersions` and `useSearch` hooks, enhance `NotificationService` with better error extraction and logging, and implement critical fallback mechanisms in the `detect-location` function's rate limit cleanup. Update CORS configuration in `upload-image` function for stricter origin checks and better security. Replit-Commit-Author: Agent Replit-Commit-Session-Id: f4df1950-6410-48d0-b2de-f4096732504b Replit-Commit-Checkpoint-Type: intermediate_checkpoint --- .replit | 4 + src/hooks/useEntityVersions.ts | 51 +++++--- src/hooks/useSearch.tsx | 20 ++-- src/lib/notificationService.ts | 110 +++++++++++++----- supabase/functions/detect-location/index.ts | 122 ++++++++++++++++++-- supabase/functions/upload-image/index.ts | 74 ++++++++---- 6 files changed, 294 insertions(+), 87 deletions(-) diff --git a/.replit b/.replit index fc81a45d..5ee63a69 100644 --- a/.replit +++ b/.replit @@ -33,3 +33,7 @@ outputType = "webview" [[ports]] localPort = 5000 externalPort = 80 + +[[ports]] +localPort = 33153 +externalPort = 3000 diff --git a/src/hooks/useEntityVersions.ts b/src/hooks/useEntityVersions.ts index 4820d71c..de587b7b 100644 --- a/src/hooks/useEntityVersions.ts +++ b/src/hooks/useEntityVersions.ts @@ -45,15 +45,22 @@ export function useEntityVersions(entityType: string, entityId: string) { // Use a request counter to track the latest fetch and prevent race conditions const requestCounterRef = useRef(0); + + // Request counter for fetchFieldHistory + const fieldHistoryRequestCounterRef = useRef(0); const fetchVersions = useCallback(async () => { + if (!isMountedRef.current) return; + + // Increment counter and capture the current request ID BEFORE try block + const currentRequestId = ++requestCounterRef.current; + try { - if (!isMountedRef.current) return; - // Increment counter and capture the current request ID - const currentRequestId = ++requestCounterRef.current; - - setLoading(true); + // Only set loading if this is still the latest request + if (isMountedRef.current && currentRequestId === requestCounterRef.current) { + setLoading(true); + } const { data, error } = await supabase .from('entity_versions') @@ -64,8 +71,8 @@ export function useEntityVersions(entityType: string, entityId: string) { if (error) throw error; - // Only continue if this is still the latest request - if (currentRequestId !== requestCounterRef.current) return; + // Only continue if this is still the latest request and component is mounted + if (!isMountedRef.current || currentRequestId !== requestCounterRef.current) return; // Safety check: verify data is an array before processing if (!Array.isArray(data)) { @@ -84,8 +91,8 @@ export function useEntityVersions(entityType: string, entityId: string) { .select('user_id, username, avatar_url') .in('user_id', userIds); - // Check again if this is still the latest request - if (currentRequestId !== requestCounterRef.current) return; + // Check again if this is still the latest request and component is mounted + if (!isMountedRef.current || currentRequestId !== requestCounterRef.current) return; // Safety check: verify profiles array exists before filtering const profilesArray = Array.isArray(profiles) ? profiles : []; @@ -109,8 +116,10 @@ export function useEntityVersions(entityType: string, entityId: string) { } } catch (error: any) { console.error('Error fetching versions:', error); - if (isMountedRef.current) { - // Safe error message access with fallback + + // Use the captured currentRequestId (DO NOT re-read requestCounterRef.current) + // Only update state if component is mounted and this is still the latest request + if (isMountedRef.current && currentRequestId === requestCounterRef.current) { const errorMessage = error?.message || 'Failed to load version history'; toast.error(errorMessage); setLoading(false); @@ -119,6 +128,11 @@ export function useEntityVersions(entityType: string, entityId: string) { }, [entityType, entityId]); const fetchFieldHistory = async (versionId: string) => { + if (!isMountedRef.current) return; + + // Increment counter and capture the current request ID BEFORE try block + const currentRequestId = ++fieldHistoryRequestCounterRef.current; + try { const { data, error } = await supabase .from('entity_field_history') @@ -128,14 +142,17 @@ export function useEntityVersions(entityType: string, entityId: string) { if (error) throw error; - if (isMountedRef.current) { - // Safety check: ensure data is an array + // Only update state if component is mounted and this is still the latest request + if (isMountedRef.current && currentRequestId === fieldHistoryRequestCounterRef.current) { const fieldChanges = Array.isArray(data) ? data as FieldChange[] : []; setFieldHistory(fieldChanges); } } catch (error: any) { console.error('Error fetching field history:', error); - if (isMountedRef.current) { + + // Use the captured currentRequestId (DO NOT re-read fieldHistoryRequestCounterRef.current) + // Only show error if component is mounted and this is still the latest request + if (isMountedRef.current && currentRequestId === fieldHistoryRequestCounterRef.current) { const errorMessage = error?.message || 'Failed to load field history'; toast.error(errorMessage); } @@ -164,6 +181,8 @@ export function useEntityVersions(entityType: string, entityId: string) { const rollbackToVersion = async (targetVersionId: string, reason: string) => { try { + if (!isMountedRef.current) return null; + const { data: userData } = await supabase.auth.getUser(); if (!userData.user) throw new Error('Not authenticated'); @@ -194,6 +213,8 @@ export function useEntityVersions(entityType: string, entityId: string) { const createVersion = async (versionData: any, changeReason?: string, submissionId?: string) => { try { + if (!isMountedRef.current) return null; + const { data: userData } = await supabase.auth.getUser(); if (!userData.user) throw new Error('Not authenticated'); @@ -273,7 +294,7 @@ export function useEntityVersions(entityType: string, entityId: string) { channelRef.current = null; } }; - }, [entityType, entityId]); + }, [entityType, entityId, fetchVersions]); // Set mounted ref on mount and cleanup on unmount useEffect(() => { diff --git a/src/hooks/useSearch.tsx b/src/hooks/useSearch.tsx index 438ff83e..610c9530 100644 --- a/src/hooks/useSearch.tsx +++ b/src/hooks/useSearch.tsx @@ -27,7 +27,7 @@ const DEFAULT_MIN_QUERY = 2; const DEFAULT_DEBOUNCE_MS = 300; export function useSearch(options: UseSearchOptions = {}) { - // State declarations MUST come first to maintain hook order + // All hooks declarations in stable order const [query, setQuery] = useState(''); const [results, setResults] = useState([]); const [loading, setLoading] = useState(false); @@ -35,15 +35,17 @@ export function useSearch(options: UseSearchOptions = {}) { const [recentSearches, setRecentSearches] = useState([]); const [debouncedQuery, setDebouncedQuery] = useState(''); - // Stabilize options using JSON stringify to prevent infinite loops from array recreation - const optionsKey = JSON.stringify({ - types: options.types || DEFAULT_TYPES, - limit: options.limit || DEFAULT_LIMIT, - minQuery: options.minQuery || DEFAULT_MIN_QUERY, - debounceMs: options.debounceMs || DEFAULT_DEBOUNCE_MS - }); + // Use useMemo to stabilize options, but use safe defaults to prevent undefined errors during HMR + const stableOptions = useMemo(() => { + const safeOptions = options || {}; + return { + types: safeOptions.types || DEFAULT_TYPES, + limit: safeOptions.limit ?? DEFAULT_LIMIT, + minQuery: safeOptions.minQuery ?? DEFAULT_MIN_QUERY, + debounceMs: safeOptions.debounceMs ?? DEFAULT_DEBOUNCE_MS, + }; + }, [options]); - const stableOptions = useMemo(() => JSON.parse(optionsKey), [optionsKey]); const { types, limit, minQuery, debounceMs } = stableOptions; useEffect(() => { diff --git a/src/lib/notificationService.ts b/src/lib/notificationService.ts index 7bce1bc2..3ed9b4f1 100644 --- a/src/lib/notificationService.ts +++ b/src/lib/notificationService.ts @@ -38,6 +38,16 @@ class NotificationService { this.isNovuEnabled = !!import.meta.env.VITE_NOVU_APPLICATION_IDENTIFIER; } + private extractErrorMessage(error: unknown): string { + if (error instanceof Error) { + return error.message; + } + if (error && typeof error === 'object' && 'message' in error && typeof error.message === 'string') { + return error.message; + } + return 'An unexpected error occurred'; + } + /** * Create or update a Novu subscriber */ @@ -52,9 +62,17 @@ class NotificationService { body: subscriberData, }); - if (error) throw error; + if (error) { + console.error('Edge function error creating Novu subscriber:', error); + throw error; + } + + if (!data || !data.subscriberId) { + const errorMsg = 'Invalid response from create-novu-subscriber function'; + console.error(errorMsg, { data }); + return { success: false, error: errorMsg }; + } - // Update local database with Novu subscriber ID const { error: dbError } = await supabase .from('user_notification_preferences') .upsert({ @@ -62,12 +80,16 @@ class NotificationService { novu_subscriber_id: data.subscriberId, }); - if (dbError) throw dbError; + if (dbError) { + console.error('Database error storing subscriber preferences:', dbError); + throw dbError; + } + console.log('Novu subscriber created successfully:', data.subscriberId); return { success: true }; - } catch (error: any) { + } catch (error: unknown) { console.error('Error creating Novu subscriber:', error); - return { success: false, error: error instanceof Error ? error.message : 'An unexpected error occurred' }; + return { success: false, error: this.extractErrorMessage(error) }; } } @@ -85,13 +107,16 @@ class NotificationService { body: subscriberData, }); - if (error) throw error; + if (error) { + console.error('Edge function error updating Novu subscriber:', error); + throw error; + } - console.log('Novu subscriber updated successfully'); + console.log('Novu subscriber updated successfully:', subscriberData.subscriberId); return { success: true }; - } catch (error: any) { + } catch (error: unknown) { console.error('Error updating Novu subscriber:', error); - return { success: false, error: error instanceof Error ? error.message : 'An unexpected error occurred' }; + return { success: false, error: this.extractErrorMessage(error) }; } } @@ -103,7 +128,6 @@ class NotificationService { preferences: NotificationPreferences ): Promise<{ success: boolean; error?: string }> { if (!this.isNovuEnabled) { - // Save to local database only try { const { error } = await supabase .from('user_notification_preferences') @@ -114,10 +138,16 @@ class NotificationService { frequency_settings: preferences.frequencySettings, }); - if (error) throw error; + if (error) { + console.error('Database error saving preferences (Novu disabled):', error); + throw error; + } + + console.log('Preferences saved to local database:', userId); return { success: true }; - } catch (error: any) { - return { success: false, error: error.message }; + } catch (error: unknown) { + console.error('Error saving preferences to local database:', error); + return { success: false, error: this.extractErrorMessage(error) }; } } @@ -129,9 +159,11 @@ class NotificationService { }, }); - if (error) throw error; + if (error) { + console.error('Edge function error updating Novu preferences:', error); + throw error; + } - // Also update local database const { error: dbError } = await supabase .from('user_notification_preferences') .upsert({ @@ -141,12 +173,16 @@ class NotificationService { frequency_settings: preferences.frequencySettings, }); - if (dbError) throw dbError; + if (dbError) { + console.error('Database error saving preferences locally:', dbError); + throw dbError; + } + console.log('Preferences updated successfully:', userId); return { success: true }; - } catch (error: any) { + } catch (error: unknown) { console.error('Error updating preferences:', error); - return { success: false, error: error.message }; + return { success: false, error: this.extractErrorMessage(error) }; } } @@ -164,9 +200,17 @@ class NotificationService { body: payload, }); - if (error) throw error; + if (error) { + console.error('Edge function error triggering notification:', error); + throw error; + } + + if (!data || !data.transactionId) { + const errorMsg = 'Invalid response from trigger-notification function'; + console.error(errorMsg, { data }); + return { success: false, error: errorMsg }; + } - // Log notification in local database await this.logNotification({ userId: payload.subscriberId, workflowId: payload.workflowId, @@ -174,10 +218,11 @@ class NotificationService { payload: payload.payload, }); + console.log('Notification triggered successfully:', data.transactionId); return { success: true, transactionId: data.transactionId }; - } catch (error: any) { + } catch (error: unknown) { console.error('Error triggering notification:', error); - return { success: false, error: error.message }; + return { success: false, error: this.extractErrorMessage(error) }; } } @@ -192,10 +237,13 @@ class NotificationService { .eq('user_id', userId) .single(); - if (error && error.code !== 'PGRST116') throw error; + if (error && error.code !== 'PGRST116') { + console.error('Database error fetching preferences:', error); + throw error; + } if (!data) { - // Return default preferences + console.log('No preferences found for user, returning defaults:', userId); return { channelPreferences: { in_app: true, @@ -216,8 +264,8 @@ class NotificationService { workflowPreferences: data.workflow_preferences as any, frequencySettings: data.frequency_settings as any, }; - } catch (error: any) { - console.error('Error fetching preferences:', error); + } catch (error: unknown) { + console.error('Error fetching notification preferences for user:', userId, error); return null; } } @@ -233,10 +281,14 @@ class NotificationService { .eq('is_active', true) .order('category', { ascending: true }); - if (error) throw error; + if (error) { + console.error('Database error fetching notification templates:', error); + throw error; + } + return data || []; - } catch (error: any) { - console.error('Error fetching templates:', error); + } catch (error: unknown) { + console.error('Error fetching notification templates:', error); return []; } } diff --git a/supabase/functions/detect-location/index.ts b/supabase/functions/detect-location/index.ts index 68c08f8f..f150de28 100644 --- a/supabase/functions/detect-location/index.ts +++ b/supabase/functions/detect-location/index.ts @@ -17,10 +17,16 @@ const RATE_LIMIT_WINDOW = 60000; // 1 minute in milliseconds const MAX_REQUESTS = 10; // 10 requests per minute per IP const MAX_MAP_SIZE = 10000; // Maximum number of IPs to track +// Cleanup failure tracking to prevent silent failures +let cleanupFailureCount = 0; +const MAX_CLEANUP_FAILURES = 5; // Threshold before forcing drastic cleanup +const CLEANUP_FAILURE_RESET_INTERVAL = 300000; // Reset failure count every 5 minutes + function cleanupExpiredEntries() { try { const now = Date.now(); let deletedCount = 0; + const mapSizeBefore = rateLimitMap.size; for (const [ip, data] of rateLimitMap.entries()) { if (now > data.resetAt) { @@ -29,14 +35,74 @@ function cleanupExpiredEntries() { } } + // Log cleanup activity for monitoring if (deletedCount > 0) { - console.log(`Cleaned up ${deletedCount} expired rate limit entries`); + console.log(`[Cleanup] Removed ${deletedCount} expired entries. Map size: ${mapSizeBefore} -> ${rateLimitMap.size}`); } + + // Reset failure count on successful cleanup + if (cleanupFailureCount > 0) { + console.log(`[Cleanup] Successful cleanup after ${cleanupFailureCount} previous failures. Resetting failure count.`); + cleanupFailureCount = 0; + } + } catch (error) { - console.error('Error during cleanup:', error); + // CRITICAL: Increment failure counter and log detailed error information + cleanupFailureCount++; + + const errorMessage = error instanceof Error ? error.message : String(error); + const errorStack = error instanceof Error ? error.stack : 'No stack trace available'; + + console.error(`[Cleanup Error] Cleanup failed (attempt ${cleanupFailureCount}/${MAX_CLEANUP_FAILURES})`); + console.error(`[Cleanup Error] Error message: ${errorMessage}`); + console.error(`[Cleanup Error] Stack trace: ${errorStack}`); + console.error(`[Cleanup Error] Current map size: ${rateLimitMap.size}`); + + // FALLBACK MECHANISM: If cleanup fails repeatedly, force clear to prevent memory leak + if (cleanupFailureCount >= MAX_CLEANUP_FAILURES) { + console.error(`[Cleanup CRITICAL] Cleanup has failed ${cleanupFailureCount} times consecutively!`); + console.error(`[Cleanup CRITICAL] Forcing emergency cleanup to prevent memory leak...`); + + try { + // Emergency: Clear oldest 50% of entries to prevent unbounded growth + const entriesToClear = Math.floor(rateLimitMap.size * 0.5); + const sortedEntries = Array.from(rateLimitMap.entries()) + .sort((a, b) => a[1].resetAt - b[1].resetAt); + + let clearedCount = 0; + for (let i = 0; i < entriesToClear && i < sortedEntries.length; i++) { + rateLimitMap.delete(sortedEntries[i][0]); + clearedCount++; + } + + console.warn(`[Cleanup CRITICAL] Emergency cleanup completed. Cleared ${clearedCount} entries. Map size: ${rateLimitMap.size}`); + + // Reset failure count after emergency cleanup + cleanupFailureCount = 0; + + } catch (emergencyError) { + // Last resort: If even emergency cleanup fails, clear everything + console.error(`[Cleanup CRITICAL] Emergency cleanup failed! Clearing entire rate limit map.`); + console.error(`[Cleanup CRITICAL] Emergency error: ${emergencyError}`); + + const originalSize = rateLimitMap.size; + rateLimitMap.clear(); + + console.warn(`[Cleanup CRITICAL] Cleared entire rate limit map (${originalSize} entries) to prevent memory leak.`); + cleanupFailureCount = 0; + } + } } } +// Reset cleanup failure count periodically to avoid permanent emergency state +setInterval(() => { + if (cleanupFailureCount > 0) { + console.warn(`[Cleanup] Resetting failure count (was ${cleanupFailureCount}) after timeout period.`); + cleanupFailureCount = 0; + } +}, CLEANUP_FAILURE_RESET_INTERVAL); + function checkRateLimit(ip: string): { allowed: boolean; retryAfter?: number } { const now = Date.now(); const existing = rateLimitMap.get(ip); @@ -59,15 +125,41 @@ function checkRateLimit(ip: string): { allowed: boolean; retryAfter?: number } { // If still at capacity after cleanup, remove oldest entries (LRU eviction) if (rateLimitMap.size >= MAX_MAP_SIZE) { - const toDelete = Math.floor(MAX_MAP_SIZE * 0.3); // Remove 30% of entries - const sortedEntries = Array.from(rateLimitMap.entries()) - .sort((a, b) => a[1].resetAt - b[1].resetAt); - - for (let i = 0; i < toDelete && i < sortedEntries.length; i++) { - rateLimitMap.delete(sortedEntries[i][0]); + try { + const toDelete = Math.floor(MAX_MAP_SIZE * 0.3); // Remove 30% of entries + const sortedEntries = Array.from(rateLimitMap.entries()) + .sort((a, b) => a[1].resetAt - b[1].resetAt); + + let deletedCount = 0; + for (let i = 0; i < toDelete && i < sortedEntries.length; i++) { + rateLimitMap.delete(sortedEntries[i][0]); + deletedCount++; + } + + console.warn(`[Rate Limit] Map reached ${MAX_MAP_SIZE} entries. Cleared ${deletedCount} oldest entries. New size: ${rateLimitMap.size}`); + } catch (evictionError) { + // CRITICAL: LRU eviction failed - log error and attempt emergency clear + console.error(`[Rate Limit CRITICAL] LRU eviction failed! Error: ${evictionError}`); + console.error(`[Rate Limit CRITICAL] Map size: ${rateLimitMap.size}`); + + try { + // Emergency: Clear first 30% of entries without sorting + const targetSize = Math.floor(MAX_MAP_SIZE * 0.7); + const keysToDelete: string[] = []; + + for (const [key] of rateLimitMap.entries()) { + if (rateLimitMap.size <= targetSize) break; + keysToDelete.push(key); + } + + keysToDelete.forEach(key => rateLimitMap.delete(key)); + + console.warn(`[Rate Limit CRITICAL] Emergency eviction cleared ${keysToDelete.length} entries. New size: ${rateLimitMap.size}`); + } catch (emergencyError) { + console.error(`[Rate Limit CRITICAL] Emergency eviction also failed! Clearing entire map. Error: ${emergencyError}`); + rateLimitMap.clear(); + } } - - console.warn(`Rate limit map reached ${MAX_MAP_SIZE} entries. Cleared ${toDelete} oldest entries.`); } } @@ -166,7 +258,13 @@ serve(async (req) => { ); } catch (error) { - console.error('Error detecting location:', error); + // Enhanced error logging for better visibility and debugging + const errorMessage = error instanceof Error ? error.message : String(error); + const errorStack = error instanceof Error ? error.stack : 'No stack trace available'; + + console.error('[Location Detection Error] Request failed'); + console.error(`[Location Detection Error] Message: ${errorMessage}`); + console.error(`[Location Detection Error] Stack: ${errorStack}`); // Return default (metric) with 500 status to indicate error occurred // This allows proper error monitoring while still providing fallback data @@ -179,7 +277,7 @@ serve(async (req) => { return new Response( JSON.stringify({ ...defaultResult, - error: error instanceof Error ? error.message : 'Failed to detect location', + error: errorMessage, fallback: true }), { diff --git a/supabase/functions/upload-image/index.ts b/supabase/functions/upload-image/index.ts index 519a393d..71d32c8a 100644 --- a/supabase/functions/upload-image/index.ts +++ b/supabase/functions/upload-image/index.ts @@ -2,7 +2,12 @@ import { serve } from "https://deno.land/std@0.168.0/http/server.ts" import { createClient } from 'https://esm.sh/@supabase/supabase-js@2' // Environment-aware CORS configuration -const getAllowedOrigin = (requestOrigin: string | null): string => { +const getAllowedOrigin = (requestOrigin: string | null): string | null => { + // If no origin header, it's not a CORS request (same-origin or server-to-server) + if (!requestOrigin) { + return null; + } + const environment = Deno.env.get('ENVIRONMENT') || 'development'; // Production allowlist - configure via ALLOWED_ORIGINS environment variable @@ -10,36 +15,44 @@ const getAllowedOrigin = (requestOrigin: string | null): string => { const allowedOriginsEnv = Deno.env.get('ALLOWED_ORIGINS') || ''; const allowedOrigins = allowedOriginsEnv.split(',').filter(origin => origin.trim()); - // In development, allow localhost and Replit domains + // In development, only allow localhost and Replit domains - nothing else if (environment === 'development') { - if (requestOrigin) { - if ( - requestOrigin.includes('localhost') || - requestOrigin.includes('127.0.0.1') || - requestOrigin.includes('.repl.co') || - requestOrigin.includes('.replit.dev') - ) { - return requestOrigin; - } + if ( + requestOrigin.includes('localhost') || + requestOrigin.includes('127.0.0.1') || + requestOrigin.includes('.repl.co') || + requestOrigin.includes('.replit.dev') + ) { + return requestOrigin; } - return '*'; + // Origin not allowed in development - log and deny + console.warn(`[CORS] Origin not allowed in development mode: ${requestOrigin}`); + return null; } // In production, only allow specific domains from environment variable - if (requestOrigin && allowedOrigins.includes(requestOrigin)) { + if (allowedOrigins.includes(requestOrigin)) { return requestOrigin; } - // Default to first allowed origin for production, or deny if none configured - return allowedOrigins.length > 0 ? allowedOrigins[0] : requestOrigin || '*'; + // Origin not allowed in production - log and deny + console.warn(`[CORS] Origin not allowed in production mode: ${requestOrigin}`); + return null; }; -const getCorsHeaders = (requestOrigin: string | null) => ({ - 'Access-Control-Allow-Origin': getAllowedOrigin(requestOrigin), - 'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type', - 'Access-Control-Allow-Methods': 'GET, POST, DELETE, OPTIONS', - 'Access-Control-Allow-Credentials': 'true', -}); +const getCorsHeaders = (allowedOrigin: string | null): Record => { + // If no allowed origin, return empty headers (no CORS access) + if (!allowedOrigin) { + return {}; + } + + return { + 'Access-Control-Allow-Origin': allowedOrigin, + 'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type', + 'Access-Control-Allow-Methods': 'GET, POST, DELETE, OPTIONS', + 'Access-Control-Allow-Credentials': 'true', + }; +}; // Helper to create authenticated Supabase client const createAuthenticatedSupabaseClient = (authHeader: string) => { @@ -57,7 +70,24 @@ const createAuthenticatedSupabaseClient = (authHeader: string) => { serve(async (req) => { const requestOrigin = req.headers.get('origin'); - const corsHeaders = getCorsHeaders(requestOrigin); + const allowedOrigin = getAllowedOrigin(requestOrigin); + + // Check if this is a CORS request with a disallowed origin + if (requestOrigin && !allowedOrigin) { + console.error(`[CORS] Request rejected for disallowed origin: ${requestOrigin}`); + return new Response( + JSON.stringify({ + error: 'Origin not allowed', + message: 'The origin of this request is not allowed to access this resource' + }), + { + status: 403, + headers: { 'Content-Type': 'application/json' } + } + ); + } + + const corsHeaders = getCorsHeaders(allowedOrigin); // Handle CORS preflight requests if (req.method === 'OPTIONS') {