Allow cross-origin requests (#3421)

Co-authored-by: pfg <pfg@pfg.pw>
This commit is contained in:
Diamond 2023-07-06 04:25:19 -07:00 committed by GitHub
parent 6840fd64f9
commit 084f603745
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -155,13 +155,17 @@ pub async fn start_lemmy_server() -> Result<(), LemmyError> {
// Create Http server with websocket support // Create Http server with websocket support
HttpServer::new(move || { HttpServer::new(move || {
let cors_config = if cfg!(debug_assertions) { let cors_origin = std::env::var("LEMMY_CORS_ORIGIN");
Cors::permissive() let cors_config = match (cors_origin, cfg!(debug_assertions)) {
} else { (Ok(origin), false) => Cors::default()
let cors_origin = std::env::var("LEMMY_CORS_ORIGIN").unwrap_or("http://localhost".into()); .allowed_origin(&origin)
Cors::default() .allowed_origin(&settings.get_protocol_and_hostname()),
.allowed_origin(&cors_origin) _ => Cors::default()
.allowed_origin(&settings.get_protocol_and_hostname()) .allow_any_origin()
.allow_any_method()
.allow_any_header()
.expose_any_header()
.max_age(3600),
}; };
let app = App::new() let app = App::new()