omnigraph

mirror of https://github.com/ModernRelay/omnigraph.git synced 2026-06-09 01:35:18 +02:00

andrew 0685d5530f omnigraph-server: optional CORS layer for browser-based UIs Off by default — production deployments behind a same-origin reverse proxy need no configuration. When OMNIGRAPH_SERVER_CORS_ORIGIN is set (comma-separated origins), attach a tower_http::cors::CorsLayer permitting GET/POST/DELETE plus Authorization and Content-Type request headers. Empty/unset variable preserves prior no-CORS behavior. Tests: cors_default_off_does_not_emit_allow_origin_header, cors_env_origin_emits_allow_origin_header. Companion to omnigraph-ui's web demo (Vite dev origin http://127.0.0.1:5173 hitting the API at 127.0.0.1:8080). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-15 16:00:46 +03:00
..
openapi.rs	MR-771: demote Run to direct-publish via expected_table_versions CAS	2026-04-30 08:52:50 +02:00
server.rs	omnigraph-server: optional CORS layer for browser-based UIs	2026-05-15 16:00:46 +03:00

andrew 0685d5530f omnigraph-server: optional CORS layer for browser-based UIs

Off by default — production deployments behind a same-origin reverse
proxy need no configuration. When OMNIGRAPH_SERVER_CORS_ORIGIN is set
(comma-separated origins), attach a tower_http::cors::CorsLayer
permitting GET/POST/DELETE plus Authorization and Content-Type request
headers. Empty/unset variable preserves prior no-CORS behavior.

Tests: cors_default_off_does_not_emit_allow_origin_header,
cors_env_origin_emits_allow_origin_header.

Companion to omnigraph-ui's web demo (Vite dev origin
http://127.0.0.1:5173 hitting the API at 127.0.0.1:8080).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-15 16:00:46 +03:00

openapi.rs

MR-771: demote Run to direct-publish via expected_table_versions CAS

2026-04-30 08:52:50 +02:00

server.rs

omnigraph-server: optional CORS layer for browser-based UIs

2026-05-15 16:00:46 +03:00