blackroad-os/blackroad-operating-system
9
0
Fork 0
mirror of https://github.com/blackboxprogramming/BlackRoad-Operating-System.git synced 2026-03-17 00:57:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix CORS: Add production domains to ALLOWED_ORIGINS

Browse Source 
Updates ALLOWED_ORIGINS to include all BlackRoad domains, fixing the
"Access denied" error when accessing the Railway deployment.

Changes:
1. backend/app/config.py:33 - Updated default ALLOWED_ORIGINS to include:
   - https://blackroad.systems
   - https://www.blackroad.systems
   - https://os.blackroad.systems
   - https://blackroad-operating-system-production.up.railway.app
   - http://localhost:3000,http://localhost:8000 (for local dev)

2. backend/.env.example:27 - Updated template with production domains

This ensures Railway deployments work without requiring manual
environment variable configuration. The CORS middleware will now
accept requests from all BlackRoad domains.

Fixes: "Access denied" errors on production deployments
Related: DNS configuration in ops/domains.yaml
This commit is contained in:
Claude
2025-11-17 07:27:22 +00:00
parent 0c7dbe7e47
commit 77134e8b09
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend/app/config.py
View File

@@ -29,7 +29,8 @@ class Settings(BaseSettings):
WALLET_MASTER_KEY: str = "local-wallet-master-key-32chars-0000"
# CORS
ALLOWED_ORIGINS: str = "http://localhost:3000,http://localhost:8000"
# Include production domains by default to ensure Railway deployments work
ALLOWED_ORIGINS: str = "https://blackroad.systems,https://www.blackroad.systems,https://os.blackroad.systems,https://blackroad-operating-system-production.up.railway.app,http://localhost:3000,http://localhost:8000"
@property
def allowed_origins_list(self) -> List[str]: