aladac/tensors
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Make CORS origins configurable via CORS_ORIGINS env var

Browse Source 
Replaces hardcoded localhost origins with env-driven config.
Accepts comma-separated origins or wildcard (*). Defaults to
["*"] for backward compatibility.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Adam Ladachowski
2026-04-06 01:02:17 +02:00
parent a349f6bc93
commit 56d5233962
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tensors/server/__init__.py
+5 -2
View File
@@ -3,6 +3,7 @@
from __future__ import annotations from __future__ import annotations
import logging import logging
import os
import sys import sys
from contextlib import asynccontextmanager from contextlib import asynccontextmanager
from typing import TYPE_CHECKING from typing import TYPE_CHECKING
@@ -61,10 +62,12 @@ def create_app() -> FastAPI:
redoc_url=None, redoc_url=None,
) )
# CORS for local development # CORS — configurable via CORS_ORIGINS env var (comma-separated, default: *)
cors_raw = os.environ.get("CORS_ORIGINS", "*")
cors_origins = ["*"] if cors_raw.strip() == "*" else [o.strip() for o in cors_raw.split(",") if o.strip()]
app.add_middleware( app.add_middleware(
CORSMiddleware, CORSMiddleware,
allow_origins=["http://localhost:5173", "http://127.0.0.1:5173"], allow_origins=cors_origins,
allow_credentials=True, allow_credentials=True,
allow_methods=["*"], allow_methods=["*"],
allow_headers=["*"], allow_headers=["*"],