fix: Permissive CORS Configuration
This commit is contained in:
+7
-4
@@ -26,16 +26,19 @@ ALLOWED_USERS = (
|
||||
else []
|
||||
)
|
||||
|
||||
origins = ["*"]
|
||||
|
||||
origins = (
|
||||
os.environ.get("ALLOWED_ORIGINS", "").split(",")
|
||||
if os.environ.get("ALLOWED_ORIGINS")
|
||||
else []
|
||||
)
|
||||
app = FastAPI()
|
||||
|
||||
app.add_middleware(
|
||||
CORSMiddleware,
|
||||
allow_origins=origins,
|
||||
allow_credentials=True,
|
||||
allow_methods=["*"],
|
||||
allow_headers=["*"],
|
||||
allow_methods=["GET", "POST"],
|
||||
allow_headers=["Authorization", "Content-Type"],
|
||||
)
|
||||
|
||||
block_endpoints = ["/health"]
|
||||
|
||||
Reference in New Issue
Block a user