fix: update CSP for Cloudflare and set CORS_ORIGIN to fix 500 errors
Build Institutional Trader / build-and-deploy (push) Successful in 2m8s Details

This commit is contained in:
Deep Koluguri 2026-06-22 19:40:24 -04:00
parent 76c24aaec1
commit cd83c18555
2 changed files with 3 additions and 1 deletions

View File

@ -9,7 +9,7 @@ export const setupSecurity = (app) => {
directives: {
defaultSrc: ["'self'"],
styleSrc: ["'self'", "'unsafe-inline'"],
scriptSrc: ["'self'"],
scriptSrc: ["'self'", "https://static.cloudflareinsights.com", "'unsafe-inline'"],
imgSrc: ["'self'", 'data:', 'https:'],
},
},

View File

@ -22,6 +22,8 @@ spec:
env:
- name: NODE_ENV
value: "production"
- name: CORS_ORIGIN
value: "https://market.applaude.net"
- name: USE_PYTHON_SERVICE
value: "false"
- name: DATABASE_URL