fix: implement CORS origins configuration via environment variable
- Replace hardcoded allow_origins=['*'] with dynamic configuration - Read CORS_ORIGINS environment variable (comma-separated list) - Default to 'http://localhost:3000' if CORS_ORIGINS is not set - Support multiple origins by splitting and stripping whitespace from env var
This commit is contained in:
Marko Djordjevic
parent
94bc5768d1
commit
26ff80a682
1 changed files with 6 additions and 1 deletions
|
|
@ -5,6 +5,7 @@ Provides REST API endpoints for model serving, health checks, and prediction.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
|
import os
|
||||||
import re
|
import re
|
||||||
import threading
|
import threading
|
||||||
import uuid as uuid_lib
|
import uuid as uuid_lib
|
||||||
|
|
@ -48,10 +49,14 @@ app = FastAPI(
|
||||||
version="1.0.0"
|
version="1.0.0"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
# Parse CORS origins from environment variable or use default
|
||||||
|
cors_origins_str = os.getenv("CORS_ORIGINS", "http://localhost:3000")
|
||||||
|
allow_origins = [origin.strip() for origin in cors_origins_str.split(",")]
|
||||||
|
|
||||||
# CORS middleware
|
# CORS middleware
|
||||||
app.add_middleware(
|
app.add_middleware(
|
||||||
CORSMiddleware,
|
CORSMiddleware,
|
||||||
allow_origins=["*"], # In production, specify actual origins
|
allow_origins=allow_origins,
|
||||||
allow_credentials=True,
|
allow_credentials=True,
|
||||||
allow_methods=["*"],
|
allow_methods=["*"],
|
||||||
allow_headers=["*"],
|
allow_headers=["*"],
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue