TDvorak/ClubLogos
1
0
Fork 0
mirror of https://github.com/Dvorinka/ClubLogos.git synced 2026-06-03 19:42:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

cors

Browse Source
This commit is contained in:
Tomáš Dvořák
2025-10-05 10:11:25 +02:00
parent eeff13d5bb
commit 30e180886d
2 changed files with 22 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/main.go
+5 -5
View File
@@ -38,13 +38,13 @@ func main() {
r := gin.Default()
r.MaxMultipartMemory = 32 << 20 // 32 MB
// CORS middleware
// CORS middleware - Allow all origins, methods, and headers
r.Use(cors.New(cors.Config{
AllowOrigins: []string{"*"},
AllowMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
AllowHeaders: []string{"Origin", "Content-Type", "Accept", "Authorization"},
ExposeHeaders: []string{"Content-Length"},
AllowCredentials: true,
AllowMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH", "HEAD"},
AllowHeaders: []string{"*"},
ExposeHeaders: []string{"*"},
AllowCredentials: false, // Must be false when using wildcard origins
AllowOriginFunc: func(origin string) bool {
return true // Allow all origins
},
frontend/nginx.conf
+17
View File
@@ -30,10 +30,27 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# CORS headers - Allow all origins
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always;
add_header 'Access-Control-Allow-Headers' '*' always;
add_header 'Access-Control-Expose-Headers' '*' always;
add_header 'Access-Control-Max-Age' '3600' always;
# Handle preflight requests
if ($request_method = 'OPTIONS') {
return 204;
}
}
# SPA fallback
location / {
# CORS headers - Allow all origins for static content
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always;
add_header 'Access-Control-Allow-Headers' '*' always;
try_files $uri $uri/ /index.html;
}