Tweaked CORS

2026-02-10 21:21:42 +08:00
parent c00396756c
commit b15e39d011
3 changed files with 82 additions and 21 deletions
--- a/app/main.py
+++ b/app/main.py
@@ -32,12 +32,21 @@ def create_application() -> FastAPI:
    application.mount("/static", StaticFiles(directory="app/static"), name="static")

    # Set up CORS
+    origins = [
+        "https://articulateusercontent.com",
+        "https://ai-gateway.ldex.dev",
+        "http://localhost:8000",
+        "http://127.0.0.1:8000",
+    ]
+    
    application.add_middleware(
        CORSMiddleware,
-        allow_origins=["*"],
-        allow_credentials=False, # Changed to False for better compat with allow_origins=["*"]
+        allow_origins=origins,
+        allow_origin_regex=r"https://.*\.articulateusercontent\.com",
+        allow_credentials=True,
        allow_methods=["*"],
        allow_headers=["*"],
+        expose_headers=["*"],
    )
    
    # Set up Rate Limiter