Fix: Removed redundant FastAPI CORS to prevent duplicate headers

2026-02-10 22:07:42 +08:00
parent 80de744cd6
commit 827dfdcaf5
1 changed files with 2 additions and 12 deletions
--- a/app/main.py
+++ b/app/main.py
@@ -1,5 +1,5 @@
 from fastapi import FastAPI, Request
-from fastapi.middleware.cors import CORSMiddleware
+# from fastapi.middleware.cors import CORSMiddleware
 from slowapi import _rate_limit_exceeded_handler
 from slowapi.errors import RateLimitExceeded

@@ -40,17 +40,7 @@ def create_application() -> FastAPI:
        print(f"DEBUG: Status Code: {response.status_code}")
        return response

-    # Set up fully permissive CORS for maximum compatibility
-    application.add_middleware(
-        CORSMiddleware,
-        allow_origins=["*"],
-        allow_credentials=False,
-        allow_methods=["*"],
-        allow_headers=["*"],
-        expose_headers=["*"],
-    )
-    
-    # Set up Rate Limiter
+    # Set up Rate Limiter (CORS is handled by Caddy at the edge)
    application.state.limiter = limiter
    
    @application.exception_handler(RateLimitExceeded)