mocode-software/meldestelle
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

### fix: verbessere CORS-Handling und UI-Markierungen
Build and Publish Docker Images / build-and-push (., backend/services/mail/Dockerfile, mail-service, mail-service) (push) Successful in 5m47s
Details
Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Successful in 3m51s
Details

Browse Source 
- **Caddyfile:** Ersetze `Access-Control-Allow-Origin` durch `*`, entferne `Access-Control-Allow-Credentials`, füge `Access-Control-Expose-Headers` hinzu.
- **GlobalSecurityConfig:** Lockere `allowedOrigins`, `allowedOriginPatterns` und `exposedHeaders` auf `*`, setze `allowCredentials` auf `false`.
- **MailServiceApplication:** Passe CORS-Mapping durch `allowedOrigins` und `allowCredentials` an.
- **UI:** Aktualisiere Versionsmarker auf `v2026-04-23.26 - NUCLEAR CORS v2`.
This commit is contained in:
Stefan Mogeritsch
2026-04-23 14:42:46 +02:00
parent f97bfeff47
commit 277254ebbd
4 changed files with 17 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/infrastructure/security/src/main/kotlin/at/mocode/infrastructure/security/GlobalSecurityConfig.kt
+4 -14
View File
@@ -81,23 +81,13 @@ class GlobalSecurityConfig {
@Bean
fun corsConfigurationSource(): CorsConfigurationSource {
val configuration = CorsConfiguration()
configuration.allowedOrigins = listOf(
"https://app.mo-code.at",
"https://api.mo-code.at",
"http://localhost:8080",
"http://localhost:8083",
"http://localhost:8092",
"http://localhost:4000"
)
configuration.allowedOriginPatterns = listOf(
"https://*.mo-code.at",
"http://localhost:[*]"
)
configuration.allowedOrigins = listOf("*")
configuration.allowedOriginPatterns = listOf("*")
configuration.allowedMethods = listOf("GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD")
configuration.allowedHeaders = listOf("*")
configuration.exposedHeaders = listOf("Authorization", "Content-Type")
configuration.exposedHeaders = listOf("*")
configuration.maxAge = 3600L
configuration.allowCredentials = true
configuration.allowCredentials = false
val source = UrlBasedCorsConfigurationSource()
source.registerCorsConfiguration("/**", configuration)
return source
backend/services/mail/mail-service/src/main/kotlin/at/mocode/mail/service/MailServiceApplication.kt
+3 -4
View File
@@ -20,11 +20,10 @@ class MailServiceApplication(private val env: Environment) {
return object : WebMvcConfigurer {
override fun addCorsMappings(registry: CorsRegistry) {
registry.addMapping("/**")
.allowedOrigins("https://app.mo-code.at", "https://api.mo-code.at")
.allowedOriginPatterns("https://*.mo-code.at")
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
.allowedOrigins("*")
.allowedMethods("*")
.allowedHeaders("*")
.allowCredentials(true)
.allowCredentials(false)
}
}
}