ATTUNE-HEART-THERAPY/alternative-backend-service
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ATTUNE-HEART-THERAPY:b555c5684774319fb23234b6d6ea05a19a6f5027
Branches Tags
ATTUNE-HEART-THERAPY:main
ATTUNE-HEART-THERAPY:feature/meetings
ATTUNE-HEART-THERAPY:feature/authentication_and_authorization
...
compare: ATTUNE-HEART-THERAPY:10d2e7ff13a59f120a1fa4ce276001db29293a23
Branches Tags
ATTUNE-HEART-THERAPY:main
ATTUNE-HEART-THERAPY:feature/meetings
ATTUNE-HEART-THERAPY:feature/authentication_and_authorization

2 Commits
b555c56847 ... 10d2e7ff13

Author SHA1 Message Date
Saani
10d2e7ff13 Merge pull request 'security: remove localhost origins from CORS allowed list' (#48) from feature/meetings into main 
Reviewed-on: https://gitea.blackbusinesslabs.com/ATTUNE-HEART-THERAPY/alternative-backend-service/pulls/48
 2025-11-28 10:51:28 +00:00
saani
027d216fcb security: remove localhost origins from CORS allowed list 
Remove local development URLs (localhost:3000 and 127.0.0.1:3000) from
CORS_ALLOWED_ORIGINS configuration. This restricts CORS to only allow
requests from the production domain (attunehearttherapy.com), improving
security by preventing unauthorized cross-origin requests from
development environments.
 2025-11-28 10:50:43 +00:00
1 changed files with 0 additions and 2 deletions
Show Stats Expand all files Collapse all files

2
booking_system/settings.py
View File

@ -16,8 +16,6 @@ ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS', '*').split(',')
# CORS Configuration # CORS Configuration
CORS_ALLOWED_ORIGINS = [ CORS_ALLOWED_ORIGINS = [
'http://localhost:3000',
'http://127.0.0.1:3000',
'https://attunehearttherapy.com' 'https://attunehearttherapy.com'
] ]