shardegger/storycove
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CORS support for production domain

Browse Source 
- Add STORYCOVE_CORS_ALLOWED_ORIGINS environment variable to docker-compose.yml
- Include production domain https://storycove.sharyavin.synology.me in allowed origins
- Update SecurityConfig to read from environment variable with fallback
- Maintains localhost support for development while enabling production access
- Fixes "Invalid CORS request" error on deployed application

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Stefan Hardegger
2025-07-23 14:58:59 +02:00
parent 23f31defde
commit f2001e0d0c
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/src/main/java/com/storycove/config/SecurityConfig.java
View File

@@ -23,7 +23,7 @@ import java.util.List;
@EnableWebSecurity @EnableWebSecurity
public class SecurityConfig { public class SecurityConfig {
@Value("${storycove.cors.allowed-origins:http://localhost:3000}") @Value("${storycove.cors.allowed-origins:${STORYCOVE_CORS_ALLOWED_ORIGINS:http://localhost:3000}}")
private String allowedOrigins; private String allowedOrigins;
private final JwtAuthenticationFilter jwtAuthenticationFilter; private final JwtAuthenticationFilter jwtAuthenticationFilter;

1
docker-compose.yml
View File

@@ -39,6 +39,7 @@ services:
- TYPESENSE_PORT=8108 - TYPESENSE_PORT=8108
- IMAGE_STORAGE_PATH=/app/images - IMAGE_STORAGE_PATH=/app/images
- APP_PASSWORD=${APP_PASSWORD} - APP_PASSWORD=${APP_PASSWORD}
- STORYCOVE_CORS_ALLOWED_ORIGINS=https://storycove.sharyavin.synology.me,http://localhost:3000
volumes: volumes:
- images_data:/app/images - images_data:/app/images
depends_on: depends_on: