🔒️ Fix CORS allowed origins and methods

2023-09-10 12:07:20 +02:00
parent f69aee1c9c
commit cf5c4c6224
1 changed files with 2 additions and 3 deletions
--- a/backend/main.py
+++ b/backend/main.py
@@ -34,13 +34,12 @@ app = FastAPI(lifespan=lifespan)

 app.add_middleware(
    CORSMiddleware,
-    allow_origins=["https://localhost:4443", "https://localhost:3000"],
+    allow_origins=["http://carrramba.adrien.run", "https://carrramba.adrien.run"],
    allow_credentials=True,
-    allow_methods=["*"],
+    allow_methods=["OPTIONS", "GET"],
    allow_headers=["*"],
 )

-
 # The cache-control header entry is not managed properly by fastapi-cache:
 # For now, a request with a cache-control set to no-cache
 # is interpreted as disabling the use of the server cache.