fix(api): skip cors logging for /status/* routes (#59881)

Co-authored-by: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com>
2026-05-12 12:01:24 -04:00 · 2025-04-22 16:05:49 +02:00
parent 1cab0991b5
commit fdbca0bd1f
2 changed files with 39 additions and 1 deletions
--- a/api/src/plugins/cors.test.ts
+++ b/api/src/plugins/cors.test.ts
@@ -0,0 +1,35 @@
+import Fastify, { FastifyInstance, LogLevel } from 'fastify';
+import cors from './cors';
+
+const LOG_LEVELS: LogLevel[] = [
+  'fatal',
+  'error',
+  'warn',
+  'info',
+  'debug',
+  'trace'
+];
+
+describe('cors', () => {
+  let fastify: FastifyInstance;
+  beforeAll(async () => {
+    fastify = Fastify({ disableRequestLogging: true });
+    await fastify.register(cors);
+  });
+
+  afterAll(async () => {
+    await fastify.close();
+  });
+
+  it('should not log for /status/* routes', async () => {
+    const logger = fastify.log.child({ req: { url: '/status/ping' } });
+    const spies = LOG_LEVELS.map(level => jest.spyOn(logger, level));
+    await fastify.inject({
+      url: '/status/ping'
+    });
+
+    spies.forEach(spy => {
+      expect(spy).not.toHaveBeenCalled();
+    });
+  });
+});
--- a/api/src/plugins/cors.ts
+++ b/api/src/plugins/cors.ts
@@ -21,7 +21,10 @@ const cors: FastifyPluginCallback = (fastify, _options, done) => {
      // separately. If we switch to that approach we can replace use
      // @fastify/cors instead.
      void reply.header('Access-Control-Allow-Origin', HOME_LOCATION);
-      logger.debug(`Received request from disallowed origin: ${origin}`);
+
+      if (!req.url?.startsWith('/status/')) {
+        logger.info(`Received request from disallowed origin: ${origin}`);
+      }
    }

    void reply