fix: configure CORS to allow specific origins and enable credentials

2025-08-15 12:01:46 +02:00
parent 772cb944a3
commit a6dedd46ed
1 changed files with 6 additions and 1 deletions
--- a/backend/server.js
+++ b/backend/server.js
@@ -16,7 +16,12 @@ env.config();
 const app = express();
 const port = 8002;

-app.use(cors());
+app.use(
+  cors({
+    origin: ["https://backend.lose.the1s.de", "https://lose.the1s.de"],
+    credentials: true,
+  })
+);
 // Increase body size limits to support large CSV JSON payloads
 app.use(express.urlencoded({ extended: true, limit: "10mb" }));
 app.set("view engine", "ejs");