fix(backend): allow CORS from any localhost port for desktop app

2026-04-25 00:36:31 +02:00 · 2026-03-18 20:58:30 +02:00 · 2026-03-18 20:58:30 +02:00 · 572e7999b2
commit 572e7999b2
parent 9b4d9f0da2
1 changed files with 1 additions and 0 deletions
--- a/surfsense_backend/app/app.py
+++ b/surfsense_backend/app/app.py
@ -350,6 +350,7 @@ allowed_origins.extend(
 app.add_middleware(
    CORSMiddleware,
    allow_origins=allowed_origins,
+    allow_origin_regex=r"^https?://(localhost|127\.0\.0\.1)(:\d+)?$",
    allow_credentials=True,
    allow_methods=["*"],  # Allows all methods
    allow_headers=["*"],  # Allows all headers