hotfix(v1.7.8): restore CORS wildcard and fix CSP for MSAL auth · 7fe53f882a - aoc

hotfix(v1.7.8): restore CORS wildcard and fix CSP for MSAL auth

All checks were successful

CI / lint-and-test (push) Successful in 51s

Details

Release / build-and-push (push) Successful in 2m4s

Details

- Revert automatic CORS wildcard stripping that broke production deployments
  with CORS_ORIGINS=* (now logs a warning but preserves the config)
- Expand CSP headers to allow MSAL auth flows:
  - connect-src: login.microsoftonline.com
  - frame-src: login.microsoftonline.com
  - form-action: login.microsoftonline.com

This commit is contained in:

Tomas Kracmar

2026-04-27 09:41:28 +02:00

parent d01e7801ed

commit 7fe53f882a

2 changed files with 7 additions and 7 deletions

2

VERSION

View File

@@ -1 +1 @@
 .7.7
 .7.8

hotfix(v1.7.8): restore CORS wildcard and fix CSP for MSAL auth All checks were successful CI / lint-and-test (push) Successful in 51s Details Release / build-and-push (push) Successful in 2m4s Details

2 VERSION Unescape Escape View File

hotfix(v1.7.8): restore CORS wildcard and fix CSP for MSAL auth

All checks were successful

CI / lint-and-test (push) Successful in 51s

Details

Release / build-and-push (push) Successful in 2m4s

Details

2

VERSION

View File