fix: Permissive CORS Configuration
This commit is contained in:
+7
-4
@@ -26,16 +26,19 @@ ALLOWED_USERS = (
|
|||||||
else []
|
else []
|
||||||
)
|
)
|
||||||
|
|
||||||
origins = ["*"]
|
origins = (
|
||||||
|
os.environ.get("ALLOWED_ORIGINS", "").split(",")
|
||||||
|
if os.environ.get("ALLOWED_ORIGINS")
|
||||||
|
else []
|
||||||
|
)
|
||||||
app = FastAPI()
|
app = FastAPI()
|
||||||
|
|
||||||
app.add_middleware(
|
app.add_middleware(
|
||||||
CORSMiddleware,
|
CORSMiddleware,
|
||||||
allow_origins=origins,
|
allow_origins=origins,
|
||||||
allow_credentials=True,
|
allow_credentials=True,
|
||||||
allow_methods=["*"],
|
allow_methods=["GET", "POST"],
|
||||||
allow_headers=["*"],
|
allow_headers=["Authorization", "Content-Type"],
|
||||||
)
|
)
|
||||||
|
|
||||||
block_endpoints = ["/health"]
|
block_endpoints = ["/health"]
|
||||||
|
|||||||
Reference in New Issue
Block a user