Improve error handling and stability across the application

Refactor error handling in `useEntityVersions` and `useSearch` hooks, enhance `NotificationService` with better error extraction and logging, and implement critical fallback mechanisms in the `detect-location` function's rate limit cleanup. Update CORS configuration in `upload-image` function for stricter origin checks and better security. Replit-Commit-Author: Agent Replit-Commit-Session-Id: f4df1950-6410-48d0-b2de-f4096732504b Replit-Commit-Checkpoint-Type: intermediate_checkpoint
2025-12-20 08:11:13 -05:00 · 2025-10-08 20:23:01 +00:00
parent 26aeb46c8a
commit b580db3fb0
6 changed files with 294 additions and 87 deletions
--- a/.replit
+++ b/.replit
@@ -33,3 +33,7 @@ outputType = "webview"
 [[ports]]
 localPort = 5000
 externalPort = 80
 [[ports]]
 localPort = 33153
 externalPort = 3000
--- a/src/hooks/useEntityVersions.ts
+++ b/src/hooks/useEntityVersions.ts
@@ -46,14 +46,21 @@ export function useEntityVersions(entityType: string, entityId: string) {
  // Use a request counter to track the latest fetch and prevent race conditions
  const requestCounterRef = useRef(0);
  // Request counter for fetchFieldHistory
  const fieldHistoryRequestCounterRef = useRef(0);
  const fetchVersions = useCallback(async () => {
    if (!isMountedRef.current) return;
    // Increment counter and capture the current request ID BEFORE try block
    const currentRequestId = ++requestCounterRef.current;
    try {
      if (!isMountedRef.current) return;
-      // Increment counter and capture the current request ID
+      // Only set loading if this is still the latest request
-      const currentRequestId = ++requestCounterRef.current;
+      if (isMountedRef.current && currentRequestId === requestCounterRef.current) {
-      
+        setLoading(true);
-      setLoading(true);
+      }
      const { data, error } = await supabase
        .from('entity_versions')
@@ -64,8 +71,8 @@ export function useEntityVersions(entityType: string, entityId: string) {
      if (error) throw error;
-      // Only continue if this is still the latest request
+      // Only continue if this is still the latest request and component is mounted
-      if (currentRequestId !== requestCounterRef.current) return;
+      if (!isMountedRef.current || currentRequestId !== requestCounterRef.current) return;
      // Safety check: verify data is an array before processing
      if (!Array.isArray(data)) {
@@ -84,8 +91,8 @@ export function useEntityVersions(entityType: string, entityId: string) {
        .select('user_id, username, avatar_url')
        .in('user_id', userIds);
-      // Check again if this is still the latest request
+      // Check again if this is still the latest request and component is mounted
-      if (currentRequestId !== requestCounterRef.current) return;
+      if (!isMountedRef.current || currentRequestId !== requestCounterRef.current) return;
      // Safety check: verify profiles array exists before filtering
      const profilesArray = Array.isArray(profiles) ? profiles : [];
@@ -109,8 +116,10 @@ export function useEntityVersions(entityType: string, entityId: string) {
      }
    } catch (error: any) {
      console.error('Error fetching versions:', error);
-      if (isMountedRef.current) {
+      
-        // Safe error message access with fallback
+      // Use the captured currentRequestId (DO NOT re-read requestCounterRef.current)
      // Only update state if component is mounted and this is still the latest request
      if (isMountedRef.current && currentRequestId === requestCounterRef.current) {
        const errorMessage = error?.message || 'Failed to load version history';
        toast.error(errorMessage);
        setLoading(false);
@@ -119,6 +128,11 @@ export function useEntityVersions(entityType: string, entityId: string) {
  }, [entityType, entityId]);
  const fetchFieldHistory = async (versionId: string) => {
    if (!isMountedRef.current) return;
    // Increment counter and capture the current request ID BEFORE try block
    const currentRequestId = ++fieldHistoryRequestCounterRef.current;
    try {
      const { data, error } = await supabase
        .from('entity_field_history')
@@ -128,14 +142,17 @@ export function useEntityVersions(entityType: string, entityId: string) {
      if (error) throw error;
-      if (isMountedRef.current) {
+      // Only update state if component is mounted and this is still the latest request
-        // Safety check: ensure data is an array
+      if (isMountedRef.current && currentRequestId === fieldHistoryRequestCounterRef.current) {
        const fieldChanges = Array.isArray(data) ? data as FieldChange[] : [];
        setFieldHistory(fieldChanges);
      }
    } catch (error: any) {
      console.error('Error fetching field history:', error);
-      if (isMountedRef.current) {
+      
      // Use the captured currentRequestId (DO NOT re-read fieldHistoryRequestCounterRef.current)
      // Only show error if component is mounted and this is still the latest request
      if (isMountedRef.current && currentRequestId === fieldHistoryRequestCounterRef.current) {
        const errorMessage = error?.message || 'Failed to load field history';
        toast.error(errorMessage);
      }
@@ -164,6 +181,8 @@ export function useEntityVersions(entityType: string, entityId: string) {
  const rollbackToVersion = async (targetVersionId: string, reason: string) => {
    try {
      if (!isMountedRef.current) return null;
      const { data: userData } = await supabase.auth.getUser();
      if (!userData.user) throw new Error('Not authenticated');
@@ -194,6 +213,8 @@ export function useEntityVersions(entityType: string, entityId: string) {
  const createVersion = async (versionData: any, changeReason?: string, submissionId?: string) => {
    try {
      if (!isMountedRef.current) return null;
      const { data: userData } = await supabase.auth.getUser();
      if (!userData.user) throw new Error('Not authenticated');
@@ -273,7 +294,7 @@ export function useEntityVersions(entityType: string, entityId: string) {
        channelRef.current = null;
      }
    };
-  }, [entityType, entityId]);
+  }, [entityType, entityId, fetchVersions]);
  // Set mounted ref on mount and cleanup on unmount
  useEffect(() => {
--- a/src/hooks/useSearch.tsx
+++ b/src/hooks/useSearch.tsx
@@ -27,7 +27,7 @@ const DEFAULT_MIN_QUERY = 2;
 const DEFAULT_DEBOUNCE_MS = 300;
 export function useSearch(options: UseSearchOptions = {}) {
-  // State declarations MUST come first to maintain hook order
+  // All hooks declarations in stable order
  const [query, setQuery] = useState('');
  const [results, setResults] = useState<SearchResult[]>([]);
  const [loading, setLoading] = useState(false);
@@ -35,15 +35,17 @@ export function useSearch(options: UseSearchOptions = {}) {
  const [recentSearches, setRecentSearches] = useState<string[]>([]);
  const [debouncedQuery, setDebouncedQuery] = useState('');
-  // Stabilize options using JSON stringify to prevent infinite loops from array recreation
+  // Use useMemo to stabilize options, but use safe defaults to prevent undefined errors during HMR
-  const optionsKey = JSON.stringify({
+  const stableOptions = useMemo(() => {
-    types: options.types || DEFAULT_TYPES,
+    const safeOptions = options || {};
-    limit: options.limit || DEFAULT_LIMIT,
+    return {
-    minQuery: options.minQuery || DEFAULT_MIN_QUERY,
+      types: safeOptions.types || DEFAULT_TYPES,
-    debounceMs: options.debounceMs || DEFAULT_DEBOUNCE_MS
+      limit: safeOptions.limit ?? DEFAULT_LIMIT,
-  });
+      minQuery: safeOptions.minQuery ?? DEFAULT_MIN_QUERY,
      debounceMs: safeOptions.debounceMs ?? DEFAULT_DEBOUNCE_MS,
    };
  }, [options]);
  const stableOptions = useMemo(() => JSON.parse(optionsKey), [optionsKey]);
  const { types, limit, minQuery, debounceMs } = stableOptions;
  useEffect(() => {
--- a/src/lib/notificationService.ts
+++ b/src/lib/notificationService.ts
@@ -38,6 +38,16 @@ class NotificationService {
    this.isNovuEnabled = !!import.meta.env.VITE_NOVU_APPLICATION_IDENTIFIER;
  }
  private extractErrorMessage(error: unknown): string {
    if (error instanceof Error) {
      return error.message;
    }
    if (error && typeof error === 'object' && 'message' in error && typeof error.message === 'string') {
      return error.message;
    }
    return 'An unexpected error occurred';
  }
  /**
   * Create or update a Novu subscriber
   */
@@ -52,9 +62,17 @@ class NotificationService {
        body: subscriberData,
      });
-      if (error) throw error;
+      if (error) {
        console.error('Edge function error creating Novu subscriber:', error);
        throw error;
      }
      if (!data || !data.subscriberId) {
        const errorMsg = 'Invalid response from create-novu-subscriber function';
        console.error(errorMsg, { data });
        return { success: false, error: errorMsg };
      }
      // Update local database with Novu subscriber ID
      const { error: dbError } = await supabase
        .from('user_notification_preferences')
        .upsert({
@@ -62,12 +80,16 @@ class NotificationService {
          novu_subscriber_id: data.subscriberId,
        });
-      if (dbError) throw dbError;
+      if (dbError) {
        console.error('Database error storing subscriber preferences:', dbError);
        throw dbError;
      }
      console.log('Novu subscriber created successfully:', data.subscriberId);
      return { success: true };
-    } catch (error: any) {
+    } catch (error: unknown) {
      console.error('Error creating Novu subscriber:', error);
-      return { success: false, error: error instanceof Error ? error.message : 'An unexpected error occurred' };
+      return { success: false, error: this.extractErrorMessage(error) };
    }
  }
@@ -85,13 +107,16 @@ class NotificationService {
        body: subscriberData,
      });
-      if (error) throw error;
+      if (error) {
        console.error('Edge function error updating Novu subscriber:', error);
        throw error;
      }
-      console.log('Novu subscriber updated successfully');
+      console.log('Novu subscriber updated successfully:', subscriberData.subscriberId);
      return { success: true };
-    } catch (error: any) {
+    } catch (error: unknown) {
      console.error('Error updating Novu subscriber:', error);
-      return { success: false, error: error instanceof Error ? error.message : 'An unexpected error occurred' };
+      return { success: false, error: this.extractErrorMessage(error) };
    }
  }
@@ -103,7 +128,6 @@ class NotificationService {
    preferences: NotificationPreferences
  ): Promise<{ success: boolean; error?: string }> {
    if (!this.isNovuEnabled) {
      // Save to local database only
      try {
        const { error } = await supabase
          .from('user_notification_preferences')
@@ -114,10 +138,16 @@ class NotificationService {
            frequency_settings: preferences.frequencySettings,
          });
-        if (error) throw error;
+        if (error) {
          console.error('Database error saving preferences (Novu disabled):', error);
          throw error;
        }
        console.log('Preferences saved to local database:', userId);
        return { success: true };
-      } catch (error: any) {
+      } catch (error: unknown) {
-        return { success: false, error: error.message };
+        console.error('Error saving preferences to local database:', error);
        return { success: false, error: this.extractErrorMessage(error) };
      }
    }
@@ -129,9 +159,11 @@ class NotificationService {
        },
      });
-      if (error) throw error;
+      if (error) {
        console.error('Edge function error updating Novu preferences:', error);
        throw error;
      }
      // Also update local database
      const { error: dbError } = await supabase
        .from('user_notification_preferences')
        .upsert({
@@ -141,12 +173,16 @@ class NotificationService {
          frequency_settings: preferences.frequencySettings,
        });
-      if (dbError) throw dbError;
+      if (dbError) {
        console.error('Database error saving preferences locally:', dbError);
        throw dbError;
      }
      console.log('Preferences updated successfully:', userId);
      return { success: true };
-    } catch (error: any) {
+    } catch (error: unknown) {
      console.error('Error updating preferences:', error);
-      return { success: false, error: error.message };
+      return { success: false, error: this.extractErrorMessage(error) };
    }
  }
@@ -164,9 +200,17 @@ class NotificationService {
        body: payload,
      });
-      if (error) throw error;
+      if (error) {
        console.error('Edge function error triggering notification:', error);
        throw error;
      }
      if (!data || !data.transactionId) {
        const errorMsg = 'Invalid response from trigger-notification function';
        console.error(errorMsg, { data });
        return { success: false, error: errorMsg };
      }
      // Log notification in local database
      await this.logNotification({
        userId: payload.subscriberId,
        workflowId: payload.workflowId,
@@ -174,10 +218,11 @@ class NotificationService {
        payload: payload.payload,
      });
      console.log('Notification triggered successfully:', data.transactionId);
      return { success: true, transactionId: data.transactionId };
-    } catch (error: any) {
+    } catch (error: unknown) {
      console.error('Error triggering notification:', error);
-      return { success: false, error: error.message };
+      return { success: false, error: this.extractErrorMessage(error) };
    }
  }
@@ -192,10 +237,13 @@ class NotificationService {
        .eq('user_id', userId)
        .single();
-      if (error && error.code !== 'PGRST116') throw error;
+      if (error && error.code !== 'PGRST116') {
        console.error('Database error fetching preferences:', error);
        throw error;
      }
      if (!data) {
-        // Return default preferences
+        console.log('No preferences found for user, returning defaults:', userId);
        return {
          channelPreferences: {
            in_app: true,
@@ -216,8 +264,8 @@ class NotificationService {
        workflowPreferences: data.workflow_preferences as any,
        frequencySettings: data.frequency_settings as any,
      };
-    } catch (error: any) {
+    } catch (error: unknown) {
-      console.error('Error fetching preferences:', error);
+      console.error('Error fetching notification preferences for user:', userId, error);
      return null;
    }
  }
@@ -233,10 +281,14 @@ class NotificationService {
        .eq('is_active', true)
        .order('category', { ascending: true });
-      if (error) throw error;
+      if (error) {
        console.error('Database error fetching notification templates:', error);
        throw error;
      }
      return data || [];
-    } catch (error: any) {
+    } catch (error: unknown) {
-      console.error('Error fetching templates:', error);
+      console.error('Error fetching notification templates:', error);
      return [];
    }
  }
--- a/supabase/functions/detect-location/index.ts
+++ b/supabase/functions/detect-location/index.ts
@@ -17,10 +17,16 @@ const RATE_LIMIT_WINDOW = 60000; // 1 minute in milliseconds
 const MAX_REQUESTS = 10; // 10 requests per minute per IP
 const MAX_MAP_SIZE = 10000; // Maximum number of IPs to track
 // Cleanup failure tracking to prevent silent failures
 let cleanupFailureCount = 0;
 const MAX_CLEANUP_FAILURES = 5; // Threshold before forcing drastic cleanup
 const CLEANUP_FAILURE_RESET_INTERVAL = 300000; // Reset failure count every 5 minutes
 function cleanupExpiredEntries() {
  try {
    const now = Date.now();
    let deletedCount = 0;
    const mapSizeBefore = rateLimitMap.size;
    for (const [ip, data] of rateLimitMap.entries()) {
      if (now > data.resetAt) {
@@ -29,14 +35,74 @@ function cleanupExpiredEntries() {
      }
    }
    // Log cleanup activity for monitoring
    if (deletedCount > 0) {
-      console.log(`Cleaned up ${deletedCount} expired rate limit entries`);
+      console.log(`[Cleanup] Removed ${deletedCount} expired entries. Map size: ${mapSizeBefore} -> ${rateLimitMap.size}`);
    }
    // Reset failure count on successful cleanup
    if (cleanupFailureCount > 0) {
      console.log(`[Cleanup] Successful cleanup after ${cleanupFailureCount} previous failures. Resetting failure count.`);
      cleanupFailureCount = 0;
    }
  } catch (error) {
-    console.error('Error during cleanup:', error);
+    // CRITICAL: Increment failure counter and log detailed error information
    cleanupFailureCount++;
    const errorMessage = error instanceof Error ? error.message : String(error);
    const errorStack = error instanceof Error ? error.stack : 'No stack trace available';
    console.error(`[Cleanup Error] Cleanup failed (attempt ${cleanupFailureCount}/${MAX_CLEANUP_FAILURES})`);
    console.error(`[Cleanup Error] Error message: ${errorMessage}`);
    console.error(`[Cleanup Error] Stack trace: ${errorStack}`);
    console.error(`[Cleanup Error] Current map size: ${rateLimitMap.size}`);
    // FALLBACK MECHANISM: If cleanup fails repeatedly, force clear to prevent memory leak
    if (cleanupFailureCount >= MAX_CLEANUP_FAILURES) {
      console.error(`[Cleanup CRITICAL] Cleanup has failed ${cleanupFailureCount} times consecutively!`);
      console.error(`[Cleanup CRITICAL] Forcing emergency cleanup to prevent memory leak...`);
      try {
        // Emergency: Clear oldest 50% of entries to prevent unbounded growth
        const entriesToClear = Math.floor(rateLimitMap.size * 0.5);
        const sortedEntries = Array.from(rateLimitMap.entries())
          .sort((a, b) => a[1].resetAt - b[1].resetAt);
        let clearedCount = 0;
        for (let i = 0; i < entriesToClear && i < sortedEntries.length; i++) {
          rateLimitMap.delete(sortedEntries[i][0]);
          clearedCount++;
        }
        console.warn(`[Cleanup CRITICAL] Emergency cleanup completed. Cleared ${clearedCount} entries. Map size: ${rateLimitMap.size}`);
        // Reset failure count after emergency cleanup
        cleanupFailureCount = 0;
      } catch (emergencyError) {
        // Last resort: If even emergency cleanup fails, clear everything
        console.error(`[Cleanup CRITICAL] Emergency cleanup failed! Clearing entire rate limit map.`);
        console.error(`[Cleanup CRITICAL] Emergency error: ${emergencyError}`);
        const originalSize = rateLimitMap.size;
        rateLimitMap.clear();
        console.warn(`[Cleanup CRITICAL] Cleared entire rate limit map (${originalSize} entries) to prevent memory leak.`);
        cleanupFailureCount = 0;
      }
    }
  }
 }
 // Reset cleanup failure count periodically to avoid permanent emergency state
 setInterval(() => {
  if (cleanupFailureCount > 0) {
    console.warn(`[Cleanup] Resetting failure count (was ${cleanupFailureCount}) after timeout period.`);
    cleanupFailureCount = 0;
  }
 }, CLEANUP_FAILURE_RESET_INTERVAL);
 function checkRateLimit(ip: string): { allowed: boolean; retryAfter?: number } {
  const now = Date.now();
  const existing = rateLimitMap.get(ip);
@@ -59,15 +125,41 @@ function checkRateLimit(ip: string): { allowed: boolean; retryAfter?: number } {
    // If still at capacity after cleanup, remove oldest entries (LRU eviction)
    if (rateLimitMap.size >= MAX_MAP_SIZE) {
-      const toDelete = Math.floor(MAX_MAP_SIZE * 0.3); // Remove 30% of entries
+      try {
-      const sortedEntries = Array.from(rateLimitMap.entries())
+        const toDelete = Math.floor(MAX_MAP_SIZE * 0.3); // Remove 30% of entries
-        .sort((a, b) => a[1].resetAt - b[1].resetAt);
+        const sortedEntries = Array.from(rateLimitMap.entries())
          .sort((a, b) => a[1].resetAt - b[1].resetAt);
-      for (let i = 0; i < toDelete && i < sortedEntries.length; i++) {
+        let deletedCount = 0;
-        rateLimitMap.delete(sortedEntries[i][0]);
+        for (let i = 0; i < toDelete && i < sortedEntries.length; i++) {
          rateLimitMap.delete(sortedEntries[i][0]);
          deletedCount++;
        }
        console.warn(`[Rate Limit] Map reached ${MAX_MAP_SIZE} entries. Cleared ${deletedCount} oldest entries. New size: ${rateLimitMap.size}`);
      } catch (evictionError) {
        // CRITICAL: LRU eviction failed - log error and attempt emergency clear
        console.error(`[Rate Limit CRITICAL] LRU eviction failed! Error: ${evictionError}`);
        console.error(`[Rate Limit CRITICAL] Map size: ${rateLimitMap.size}`);
        try {
          // Emergency: Clear first 30% of entries without sorting
          const targetSize = Math.floor(MAX_MAP_SIZE * 0.7);
          const keysToDelete: string[] = [];
          for (const [key] of rateLimitMap.entries()) {
            if (rateLimitMap.size <= targetSize) break;
            keysToDelete.push(key);
          }
          keysToDelete.forEach(key => rateLimitMap.delete(key));
          console.warn(`[Rate Limit CRITICAL] Emergency eviction cleared ${keysToDelete.length} entries. New size: ${rateLimitMap.size}`);
        } catch (emergencyError) {
          console.error(`[Rate Limit CRITICAL] Emergency eviction also failed! Clearing entire map. Error: ${emergencyError}`);
          rateLimitMap.clear();
        }
      }
      console.warn(`Rate limit map reached ${MAX_MAP_SIZE} entries. Cleared ${toDelete} oldest entries.`);
    }
  }
@@ -166,7 +258,13 @@ serve(async (req) => {
    );
  } catch (error) {
-    console.error('Error detecting location:', error);
+    // Enhanced error logging for better visibility and debugging
    const errorMessage = error instanceof Error ? error.message : String(error);
    const errorStack = error instanceof Error ? error.stack : 'No stack trace available';
    console.error('[Location Detection Error] Request failed');
    console.error(`[Location Detection Error] Message: ${errorMessage}`);
    console.error(`[Location Detection Error] Stack: ${errorStack}`);
    // Return default (metric) with 500 status to indicate error occurred
    // This allows proper error monitoring while still providing fallback data
@@ -179,7 +277,7 @@ serve(async (req) => {
    return new Response(
      JSON.stringify({
        ...defaultResult,
-        error: error instanceof Error ? error.message : 'Failed to detect location',
+        error: errorMessage,
        fallback: true
      }),
      { 
--- a/supabase/functions/upload-image/index.ts
+++ b/supabase/functions/upload-image/index.ts
@@ -2,7 +2,12 @@ import { serve } from "https://deno.land/std@0.168.0/http/server.ts"
 import { createClient } from 'https://esm.sh/@supabase/supabase-js@2'
 // Environment-aware CORS configuration
-const getAllowedOrigin = (requestOrigin: string | null): string => {
+const getAllowedOrigin = (requestOrigin: string | null): string | null => {
  // If no origin header, it's not a CORS request (same-origin or server-to-server)
  if (!requestOrigin) {
    return null;
  }
  const environment = Deno.env.get('ENVIRONMENT') || 'development';
  // Production allowlist - configure via ALLOWED_ORIGINS environment variable
@@ -10,36 +15,44 @@ const getAllowedOrigin = (requestOrigin: string | null): string => {
  const allowedOriginsEnv = Deno.env.get('ALLOWED_ORIGINS') || '';
  const allowedOrigins = allowedOriginsEnv.split(',').filter(origin => origin.trim());
-  // In development, allow localhost and Replit domains
+  // In development, only allow localhost and Replit domains - nothing else
  if (environment === 'development') {
-    if (requestOrigin) {
+    if (
-      if (
+      requestOrigin.includes('localhost') ||
-        requestOrigin.includes('localhost') ||
+      requestOrigin.includes('127.0.0.1') ||
-        requestOrigin.includes('127.0.0.1') ||
+      requestOrigin.includes('.repl.co') ||
-        requestOrigin.includes('.repl.co') ||
+      requestOrigin.includes('.replit.dev')
-        requestOrigin.includes('.replit.dev')
+    ) {
-      ) {
+      return requestOrigin;
        return requestOrigin;
      }
    }
-    return '*';
+    // Origin not allowed in development - log and deny
    console.warn(`[CORS] Origin not allowed in development mode: ${requestOrigin}`);
    return null;
  }
  // In production, only allow specific domains from environment variable
-  if (requestOrigin && allowedOrigins.includes(requestOrigin)) {
+  if (allowedOrigins.includes(requestOrigin)) {
    return requestOrigin;
  }
-  // Default to first allowed origin for production, or deny if none configured
+  // Origin not allowed in production - log and deny
-  return allowedOrigins.length > 0 ? allowedOrigins[0] : requestOrigin || '*';
+  console.warn(`[CORS] Origin not allowed in production mode: ${requestOrigin}`);
  return null;
 };
-const getCorsHeaders = (requestOrigin: string | null) => ({
+const getCorsHeaders = (allowedOrigin: string | null): Record<string, string> => {
-  'Access-Control-Allow-Origin': getAllowedOrigin(requestOrigin),
+  // If no allowed origin, return empty headers (no CORS access)
-  'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type',
+  if (!allowedOrigin) {
-  'Access-Control-Allow-Methods': 'GET, POST, DELETE, OPTIONS',
+    return {};
-  'Access-Control-Allow-Credentials': 'true',
+  }
-});
+  
  return {
    'Access-Control-Allow-Origin': allowedOrigin,
    'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type',
    'Access-Control-Allow-Methods': 'GET, POST, DELETE, OPTIONS',
    'Access-Control-Allow-Credentials': 'true',
  };
 };
 // Helper to create authenticated Supabase client
 const createAuthenticatedSupabaseClient = (authHeader: string) => {
@@ -57,7 +70,24 @@ const createAuthenticatedSupabaseClient = (authHeader: string) => {
 serve(async (req) => {
  const requestOrigin = req.headers.get('origin');
-  const corsHeaders = getCorsHeaders(requestOrigin);
+  const allowedOrigin = getAllowedOrigin(requestOrigin);
  // Check if this is a CORS request with a disallowed origin
  if (requestOrigin && !allowedOrigin) {
    console.error(`[CORS] Request rejected for disallowed origin: ${requestOrigin}`);
    return new Response(
      JSON.stringify({ 
        error: 'Origin not allowed',
        message: 'The origin of this request is not allowed to access this resource'
      }),
      { 
        status: 403,
        headers: { 'Content-Type': 'application/json' }
      }
    );
  }
  const corsHeaders = getCorsHeaders(allowedOrigin);
  // Handle CORS preflight requests
  if (req.method === 'OPTIONS') {