mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(api): use TRUSTED_ORIGINS for socket.io gateway CORS #628

Merged
jason.woltje merged 1 commits from fix/gateway-cors-trusted-origins into main 2026-03-01 20:13:14 +00:00
Conversation 0 Commits 1 Files Changed 3 +24 -2
jason.woltje commented 2026-03-01 20:13:09 +00:00
Owner
Copy Link

Terminal and speech WebSocket gateways were using WEB_URL env var (unset in prod) for socket.io CORS, defaulting to http://localhost:3000. All connections from https://mosaic.woltje.com were blocked. Fixed to use TRUSTED_ORIGINS (already set) with WEB_URL fallback. Also adds createTask API client function.

Terminal and speech WebSocket gateways were using WEB_URL env var (unset in prod) for socket.io CORS, defaulting to http://localhost:3000. All connections from https://mosaic.woltje.com were blocked. Fixed to use TRUSTED_ORIGINS (already set) with WEB_URL fallback. Also adds createTask API client function.
jason.woltje added 1 commit 2026-03-01 20:13:10 +00:00
fix(api): use TRUSTED_ORIGINS for socket.io gateway CORS; add createTask API client
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
f982fb5233
jason.woltje merged commit c23c33b0c5 into main 2026-03-01 20:13:14 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
ai
AI/LLM integration
 api
Backend/API work
 api
auth
Authentication
 database
database
Database/schema work
 devops
Docker/deployment
 docs
Documentation
 frontend
graph
knowledge-module
migration
Data migration
 orchestrator
Orchestrator service (apps/orchestrator/)
 p0
Critical priority
 p1
High priority
 p2
Medium priority
 p3
Low priority
 performance
Performance work
 phase-1
phase-2
phase-3
phase-4
phase-5
plugin
MoltBot plugin work
 search
security
Security-related
 setup
Initial setup
 testing
Testing/QA
 web
Frontend work
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
jason.woltje
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: mosaic/stack#628
Delete Branch "fix/gateway-cors-trusted-origins"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?