refactor: Update server configuration to allow specific CORS origins

author: Mo Tarbin <mhed.t91@gmail.com> 2024-06-30 22:58:33 -0400
committer: Mo Tarbin <mhed.t91@gmail.com> 2024-06-30 22:58:33 -0400
commit: 49d877486c7c5c31edbc25fca687a0130888f1c4 (patch)
tree: d4a71089e72d73a048a7948e46ba349317165ce3 /main.go
parent: c13dd9addbf89f716e4ef5cfdf1d673139ffcb68 (diff)
download: donetick-49d877486c7c5c31edbc25fca687a0130888f1c4.tar.gz
donetick-49d877486c7c5c31edbc25fca687a0130888f1c4.tar.bz2
donetick-49d877486c7c5c31edbc25fca687a0130888f1c4.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/main.go b/main.go
index 3ee2bbf..41ef02f 100644
--- a/main.go
+++ b/main.go
@@ -109,7 +109,8 @@ func newServer(lc fx.Lifecycle, cfg *config.Config, db *gorm.DB, notifier *notif
 		WriteTimeout: cfg.Server.WriteTimeout,
 	}
 	config := cors.DefaultConfig()
-	config.AllowAllOrigins = true
+	config.AllowAllOrigins = !cfg.IsDoneTickDotCom
+	config.AllowOrigins = cfg.Server.CorsAllowOrigins
 	config.AllowCredentials = true
 	config.AddAllowHeaders("Authorization", "secretkey")
 	r.Use(cors.New(config))
author	Mo Tarbin <mhed.t91@gmail.com>	2024-06-30 22:58:33 -0400
committer	Mo Tarbin <mhed.t91@gmail.com>	2024-06-30 22:58:33 -0400
commit	49d877486c7c5c31edbc25fca687a0130888f1c4 (patch)
tree	d4a71089e72d73a048a7948e46ba349317165ce3 /main.go
parent	c13dd9addbf89f716e4ef5cfdf1d673139ffcb68 (diff)
download	donetick-49d877486c7c5c31edbc25fca687a0130888f1c4.tar.gz donetick-49d877486c7c5c31edbc25fca687a0130888f1c4.tar.bz2 donetick-49d877486c7c5c31edbc25fca687a0130888f1c4.zip