Skip to content

Fix CORS to use CLIENT_URL environment variable#6

Closed
railway-app[bot] wants to merge 1 commit into
corsbugfixfrom
railway/code-change-qFv0GU
Closed

Fix CORS to use CLIENT_URL environment variable#6
railway-app[bot] wants to merge 1 commit into
corsbugfixfrom
railway/code-change-qFv0GU

Conversation

@railway-app
Copy link
Copy Markdown

@railway-app railway-app Bot commented Apr 6, 2026

Problem

The CORS middleware in cors.go had the frontend URL hardcoded as https://scintillating-commitment-production-2429.up.railway.app/, causing CORS errors whenever the frontend URL changed or differed across environments. main.go was already calling corsmiddleware.CORS(mux, url) with the CLIENT_URL env var, but the function signature only accepted next http.Handler, so the code wouldn't compile and the env var was never used.

Solution

Updated CORS in cors.go to accept a second clientURL string parameter and use it for the Access-Control-Allow-Origin header, removing the hardcoded URL. This aligns the function signature with the existing call in main.go, so the origin is now driven entirely by the CLIENT_URL environment variable.

Changes

  • Modified backend/internal/middleware/cors/cors.go

Generated by Railway

@oshankkkk oshankkkk deleted the branch corsbugfix April 12, 2026 08:38
@oshankkkk oshankkkk closed this Apr 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@oshankkkk