From bcb3e31788c34c32bd9f8834cc93080318e51d30 Mon Sep 17 00:00:00 2001
From: Justin Gasper <jmgasper@gmail.com>
Date: Thu, 28 Sep 2023 15:19:34 +1000
Subject: [PATCH 1/3] Add configurable ACCESS_CONTROL_ALLOW_ORIGIN header for
 CDN

PROD-4372
---
 .circleci/config.yml     | 1 +
 config/default.js        | 1 +
 config/production.js     | 1 +
 src/server/routes/cdn.js | 2 +-
 4 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 5ca4199330..4dd81b9207 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -350,6 +350,7 @@ workflows:
             branches:
               only:
                 - PROD-4183
+                - PROD-4372
                 - changelog
       # This is alternate dev env for parallel testing
       - "build-test":
diff --git a/config/default.js b/config/default.js
index d50de2aec7..a5a369b466 100644
--- a/config/default.js
+++ b/config/default.js
@@ -25,6 +25,7 @@ module.exports = {
   /* CDN configuration. */
   CDN: {
     PUBLIC: 'https://d1aahxkjiobka8.cloudfront.net',
+    ACCESS_CONTROL_ALLOW_ORIGIN: '*.topcoder-dev.com',
   },
 
   /* Time in MS to wait before refreshing challenge details after register
diff --git a/config/production.js b/config/production.js
index c372930853..844a62fb54 100644
--- a/config/production.js
+++ b/config/production.js
@@ -10,6 +10,7 @@ module.exports = {
   },
   CDN: {
     PUBLIC: 'https://community-app-cdn.topcoder.com',
+    ACCESS_CONTROL_ALLOW_ORIGIN: '*.topcoder.com',
   },
   COOKIES: {
     MAXAGE: 7,
diff --git a/src/server/routes/cdn.js b/src/server/routes/cdn.js
index 61460e024b..d14133afae 100644
--- a/src/server/routes/cdn.js
+++ b/src/server/routes/cdn.js
@@ -30,7 +30,7 @@ const url = path.resolve(__dirname, '../../../build');
 /* Sets Access-Control-Allow-Origin header to avoid CORS error.
  * TODO: Replace the wildcard value by an appropriate origin filtering. */
 router.use('/public/static-assets', (req, res, next) => {
-  res.set('Access-Control-Allow-Origin', '*');
+  res.set('Access-Control-Allow-Origin', `${config.CDN.ACCESS_CONTROL_ALLOW_ORIGIN}`);
   next();
 }, express.static(url),
 

From 00ff23b0e63ff0d8ee7229c0cdd6a4c84686bfc3 Mon Sep 17 00:00:00 2001
From: Justin Gasper <jmgasper@gmail.com>
Date: Fri, 29 Sep 2023 08:31:46 +1000
Subject: [PATCH 2/3] Update email address for gigwork

https://topcoder.atlassian.net/browse/PROD-4388
---
 src/shared/components/Gigs/GigDetails/index.jsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/shared/components/Gigs/GigDetails/index.jsx b/src/shared/components/Gigs/GigDetails/index.jsx
index cffab15131..8a96a816b1 100644
--- a/src/shared/components/Gigs/GigDetails/index.jsx
+++ b/src/shared/components/Gigs/GigDetails/index.jsx
@@ -134,7 +134,7 @@ function GigDetails(props) {
                     ** USA Visa Holders - Please consult an attorney before applying to any Topcoder Gig. Some visa statuses will or will not allow you to conduct freelance work with Topcoder.
                   </strong>
                   <strong>
-                    *** Topcoder and Wipro employees are not eligible for Gig work opportunities. Do not apply and send questions to <a href="mailto:support@topcoder.com">support@topcoder.com</a>.
+                    *** Topcoder and Wipro employees are not eligible for Gig work opportunities. Do not apply and send questions to <a href="mailto:gigwork@topcoder.com">gigwork@topcoder.com</a>.
                   </strong>
                 </div>
                 <div styleName="cta-buttons">

From fef1faed04aafbe846f4cd449663916587527854 Mon Sep 17 00:00:00 2001
From: Justin Gasper <jmgasper@gmail.com>
Date: Mon, 2 Oct 2023 08:25:11 +1100
Subject: [PATCH 3/3] Revert "Add configurable ACCESS_CONTROL_ALLOW_ORIGIN
 header for CDN"

This reverts commit bcb3e31788c34c32bd9f8834cc93080318e51d30.
---
 .circleci/config.yml     | 1 -
 config/default.js        | 1 -
 config/production.js     | 1 -
 src/server/routes/cdn.js | 2 +-
 4 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 4dd81b9207..5ca4199330 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -350,7 +350,6 @@ workflows:
             branches:
               only:
                 - PROD-4183
-                - PROD-4372
                 - changelog
       # This is alternate dev env for parallel testing
       - "build-test":
diff --git a/config/default.js b/config/default.js
index a5a369b466..d50de2aec7 100644
--- a/config/default.js
+++ b/config/default.js
@@ -25,7 +25,6 @@ module.exports = {
   /* CDN configuration. */
   CDN: {
     PUBLIC: 'https://d1aahxkjiobka8.cloudfront.net',
-    ACCESS_CONTROL_ALLOW_ORIGIN: '*.topcoder-dev.com',
   },
 
   /* Time in MS to wait before refreshing challenge details after register
diff --git a/config/production.js b/config/production.js
index 844a62fb54..c372930853 100644
--- a/config/production.js
+++ b/config/production.js
@@ -10,7 +10,6 @@ module.exports = {
   },
   CDN: {
     PUBLIC: 'https://community-app-cdn.topcoder.com',
-    ACCESS_CONTROL_ALLOW_ORIGIN: '*.topcoder.com',
   },
   COOKIES: {
     MAXAGE: 7,
diff --git a/src/server/routes/cdn.js b/src/server/routes/cdn.js
index d14133afae..61460e024b 100644
--- a/src/server/routes/cdn.js
+++ b/src/server/routes/cdn.js
@@ -30,7 +30,7 @@ const url = path.resolve(__dirname, '../../../build');
 /* Sets Access-Control-Allow-Origin header to avoid CORS error.
  * TODO: Replace the wildcard value by an appropriate origin filtering. */
 router.use('/public/static-assets', (req, res, next) => {
-  res.set('Access-Control-Allow-Origin', `${config.CDN.ACCESS_CONTROL_ALLOW_ORIGIN}`);
+  res.set('Access-Control-Allow-Origin', '*');
   next();
 }, express.static(url),