# 4.1.9 服务器源函数 server\_origins\_fn

* `fn` (Function)
* **Returns** `Server`

提供一个接受两个参数的函数`origin：String`和`callback(error，success)`，其中`success`是一个布尔值，指示是否允许来源。如果`success`设置为`false`，则必须将错误作为字符串值提供，该字符串值将附加到服务器响应中，例如“Origin not allowed”。

## 潜在缺点：

* 在某些情况下，当无法确定`origin`时，其值可能为`*`
* 由于此功能将针对每个请求执行，因此建议尽快使此功能工作。（耗时不要太长）
* 如果`socket.io`与`express`一起使用，CORS headers将仅对`socket.io`请求受影响。对于Express，可以使用[CORS](https://github.com/expressjs/cors)。

```javascript
io.origins((origin,callback)=>{
    if(origin!=='https://foo.example.com'){
        return callback('origin not allowed',false)
    }
    callback(null,true)
})
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://socket.gitbook.io/docs/4-fu-wu-duan-apiserverapi/4.1-server/server_origins_fn.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.