### fix: verbessere CORS-Handling und UI-Markierungen
All checks were successful
All checks were successful
- **Caddyfile:** Ersetze `Access-Control-Allow-Origin` durch `*`, entferne `Access-Control-Allow-Credentials`, füge `Access-Control-Expose-Headers` hinzu. - **GlobalSecurityConfig:** Lockere `allowedOrigins`, `allowedOriginPatterns` und `exposedHeaders` auf `*`, setze `allowCredentials` auf `false`. - **MailServiceApplication:** Passe CORS-Mapping durch `allowedOrigins` und `allowCredentials` an. - **UI:** Aktualisiere Versionsmarker auf `v2026-04-23.26 - NUCLEAR CORS v2`.
This commit is contained in:
parent
f97bfeff47
commit
277254ebbd
|
|
@ -81,23 +81,13 @@ class GlobalSecurityConfig {
|
|||
@Bean
|
||||
fun corsConfigurationSource(): CorsConfigurationSource {
|
||||
val configuration = CorsConfiguration()
|
||||
configuration.allowedOrigins = listOf(
|
||||
"https://app.mo-code.at",
|
||||
"https://api.mo-code.at",
|
||||
"http://localhost:8080",
|
||||
"http://localhost:8083",
|
||||
"http://localhost:8092",
|
||||
"http://localhost:4000"
|
||||
)
|
||||
configuration.allowedOriginPatterns = listOf(
|
||||
"https://*.mo-code.at",
|
||||
"http://localhost:[*]"
|
||||
)
|
||||
configuration.allowedOrigins = listOf("*")
|
||||
configuration.allowedOriginPatterns = listOf("*")
|
||||
configuration.allowedMethods = listOf("GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD")
|
||||
configuration.allowedHeaders = listOf("*")
|
||||
configuration.exposedHeaders = listOf("Authorization", "Content-Type")
|
||||
configuration.exposedHeaders = listOf("*")
|
||||
configuration.maxAge = 3600L
|
||||
configuration.allowCredentials = true
|
||||
configuration.allowCredentials = false
|
||||
val source = UrlBasedCorsConfigurationSource()
|
||||
source.registerCorsConfiguration("/**", configuration)
|
||||
return source
|
||||
|
|
|
|||
|
|
@ -20,11 +20,10 @@ class MailServiceApplication(private val env: Environment) {
|
|||
return object : WebMvcConfigurer {
|
||||
override fun addCorsMappings(registry: CorsRegistry) {
|
||||
registry.addMapping("/**")
|
||||
.allowedOrigins("https://app.mo-code.at", "https://api.mo-code.at")
|
||||
.allowedOriginPatterns("https://*.mo-code.at")
|
||||
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
|
||||
.allowedOrigins("*")
|
||||
.allowedMethods("*")
|
||||
.allowedHeaders("*")
|
||||
.allowCredentials(true)
|
||||
.allowCredentials(false)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,22 +23,22 @@
|
|||
@options method OPTIONS
|
||||
handle @options {
|
||||
header {
|
||||
Access-Control-Allow-Origin "https://app.mo-code.at"
|
||||
Access-Control-Allow-Origin "*"
|
||||
Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
|
||||
Access-Control-Allow-Headers "*"
|
||||
Access-Control-Allow-Credentials "true"
|
||||
Access-Control-Expose-Headers "*"
|
||||
Access-Control-Max-Age "3600"
|
||||
X-Caddy-CORS "preflight-v25"
|
||||
X-Caddy-CORS "preflight-v26"
|
||||
}
|
||||
respond "" 204
|
||||
}
|
||||
|
||||
header {
|
||||
Access-Control-Allow-Origin "https://app.mo-code.at"
|
||||
Access-Control-Allow-Origin "*"
|
||||
Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
|
||||
Access-Control-Allow-Headers "*"
|
||||
Access-Control-Allow-Credentials "true"
|
||||
X-Caddy-CORS "forward-v25"
|
||||
Access-Control-Expose-Headers "*"
|
||||
X-Caddy-CORS "forward-v26"
|
||||
defer
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -69,7 +69,9 @@ fun MainAppContent() {
|
|||
is WebScreen.Nennung -> "/nennung/${screen.turnierId}"
|
||||
is WebScreen.Erfolg -> "/erfolg"
|
||||
}
|
||||
setWindowHash("#$targetHash")
|
||||
if (getWindowHash() != "#$targetHash") {
|
||||
setWindowHash("#$targetHash")
|
||||
}
|
||||
}
|
||||
|
||||
Scaffold(
|
||||
|
|
@ -124,7 +126,7 @@ fun MainAppContent() {
|
|||
// Dezentraler Versions-Marker in der unteren rechten Ecke
|
||||
Box(modifier = Modifier.fillMaxSize().padding(8.dp), contentAlignment = Alignment.BottomEnd) {
|
||||
Text(
|
||||
text = "v2026-04-23.25 - CADDY CATCH-ALL CORS",
|
||||
text = "v2026-04-23.26 - NUCLEAR CORS v2",
|
||||
style = MaterialTheme.typography.labelSmall,
|
||||
color = Color.LightGray.copy(alpha = 0.5f)
|
||||
)
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user