mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(api): use getTrustedOrigins() for WebSocket CORS #549

Merged
jason.woltje merged 1 commits from fix/websocket-cors-origins into main 2026-02-27 12:07:52 +00:00
Conversation 0 Commits 1 Files Changed 1 +2 -1
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
apps/api/src/websocket/websocket.gateway.ts
View File

@@ -7,6 +7,7 @@ import {
import { Logger } from "@nestjs/common"; import { Logger } from "@nestjs/common";
import { Server, Socket } from "socket.io"; import { Server, Socket } from "socket.io";
import { AuthService } from "../auth/auth.service"; import { AuthService } from "../auth/auth.service";
import { getTrustedOrigins } from "../auth/auth.config";
import { PrismaService } from "../prisma/prisma.service"; import { PrismaService } from "../prisma/prisma.service";
interface AuthenticatedSocket extends Socket { interface AuthenticatedSocket extends Socket {
@@ -77,7 +78,7 @@ interface StepOutputData {
*/ */
@WSGateway({ @WSGateway({
cors: { cors: {
origin: process.env.WEB_URL ?? "http://localhost:3000", origin: getTrustedOrigins(),
credentials: true, credentials: true,
}, },
}) })