clone/vikunja
1
0
Fork 0
mirror of https://github.com/go-vikunja/vikunja.git synced 2026-02-01 22:47:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: always add public url to allowed cors origins

Browse Source 
This fixes a bug where it was not possible to do anything because the public url was not allowed by default for CORS requests.

Regression from 433b8b9115

Resolves https://github.com/go-vikunja/vikunja/issues/916
This commit is contained in:
kolaente
2025-06-11 14:27:32 +02:00
parent efb6ccf3e1
commit 842e7f524b
2 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/config/config.go
View File

@@ -599,6 +599,9 @@ func InitConfig() {
if DefaultSettingsTimezone.GetString() == "" {
DefaultSettingsTimezone.Set(ServiceTimeZone.GetString())
}
publicURL := strings.TrimSuffix(ServicePublicURL.GetString(), "/")
CorsOrigins.Set(append(CorsOrigins.GetStringSlice(), publicURL))
}
func random(length int) (string, error) {

1
pkg/routes/routes.go
View File

@@ -182,6 +182,7 @@ func RegisterRoutes(e *echo.Echo) {
// CORS
if config.CorsEnable.GetBool() {
log.Debugf("CORS enabled with origins: %s", strings.Join(config.CorsOrigins.GetStringSlice(), ", "))
e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
AllowOrigins: config.CorsOrigins.GetStringSlice(),
MaxAge: config.CorsMaxAge.GetInt(),