mocode-software/meldestelle
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

### fix: verbessere CORS-Handling und UI-Markierungen
Build and Publish Docker Images / build-and-push (., backend/services/mail/Dockerfile, mail-service, mail-service) (push) Successful in 5m47s
Details
Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Successful in 3m51s
Details

Browse Source 
- **Caddyfile:** Ersetze `Access-Control-Allow-Origin` durch `*`, entferne `Access-Control-Allow-Credentials`, füge `Access-Control-Expose-Headers` hinzu.
- **GlobalSecurityConfig:** Lockere `allowedOrigins`, `allowedOriginPatterns` und `exposedHeaders` auf `*`, setze `allowCredentials` auf `false`.
- **MailServiceApplication:** Passe CORS-Mapping durch `allowedOrigins` und `allowCredentials` an.
- **UI:** Aktualisiere Versionsmarker auf `v2026-04-23.26 - NUCLEAR CORS v2`.
This commit is contained in:
Stefan Mogeritsch
2026-04-23 14:42:46 +02:00
parent f97bfeff47
commit 277254ebbd
4 changed files with 17 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/docker/caddy/web-app/Caddyfile
+6 -6
View File
@@ -23,22 +23,22 @@
@options method OPTIONS
handle @options {
header {
Access-Control-Allow-Origin "https://app.mo-code.at"
Access-Control-Allow-Origin "*"
Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
Access-Control-Allow-Headers "*"
Access-Control-Allow-Credentials "true"
Access-Control-Expose-Headers "*"
Access-Control-Max-Age "3600"
X-Caddy-CORS "preflight-v25"
X-Caddy-CORS "preflight-v26"
}
respond "" 204
}
header {
Access-Control-Allow-Origin "https://app.mo-code.at"
Access-Control-Allow-Origin "*"
Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
Access-Control-Allow-Headers "*"
Access-Control-Allow-Credentials "true"
X-Caddy-CORS "forward-v25"
Access-Control-Expose-Headers "*"
X-Caddy-CORS "forward-v26"
defer
}