security: remove localhost origins from CORS allowed list #48

Saani · 2025-11-28T10:51:23Z

Saani commented

2025-11-28 10:51:23 +00:00

Remove local development URLs (localhost:3000 and 127.0.0.1:3000) from
CORS_ALLOWED_ORIGINS configuration. This restricts CORS to only allow
requests from the production domain (attunehearttherapy.com), improving
security by preventing unauthorized cross-origin requests from
development environments.

Remove local development URLs (localhost:3000 and 127.0.0.1:3000) from CORS_ALLOWED_ORIGINS configuration. This restricts CORS to only allow requests from the production domain (attunehearttherapy.com), improving security by preventing unauthorized cross-origin requests from development environments.

Saani added 1 commit 2025-11-28 10:51:23 +00:00

security: remove localhost origins from CORS allowed list 027d216fcb

Remove local development URLs (localhost:3000 and 127.0.0.1:3000) from
CORS_ALLOWED_ORIGINS configuration. This restricts CORS to only allow
requests from the production domain (attunehearttherapy.com), improving
security by preventing unauthorized cross-origin requests from
development environments.

Saani merged commit 10d2e7ff13 into main

2025-11-28 10:51:29 +00:00

Saani referenced this issue from a commit

2025-11-28 10:51:30 +00:00

Merge pull request 'security: remove localhost origins from CORS allowed list' (#48) from feature/meetings into main

Sign in to join this conversation.

No reviewers

No Label

No Milestone

No project

No Assignees

1 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ATTUNE-HEART-THERAPY/alternative-backend-service#48