ucs/backend/src/server.mjs

import express from 'express';
import compression from 'compression';
import helmet from 'helmet';
import morgan from 'morgan';
import cors from 'cors';

import utils from './utils.mjs';

// server

export const app = express();

app.use(express.urlencoded({ extended: true }));
app.use(compression());
app.use(
    helmet.contentSecurityPolicy({
        directives: {
            "script-src": ["'self'"]
        },
    })
);
app.use(morgan('combined'));

const corsOptions = {
    origin: utils.cors,
    optionsSuccessStatus: 200
};

app.use(cors(corsOptions));

app.set('trust proxy', '127.0.0.1');