From b97df3522af773a76b689aab9865aa9977eb92bb Mon Sep 17 00:00:00 2001
From: amhsirak <karishmashuklaa@gmail.com>
Date: Tue, 3 Dec 2024 21:40:36 +0530
Subject: [PATCH] feat: ensure access-control-allow-origin matches public url

---
 server/src/server.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/src/server.ts b/server/src/server.ts
index 7965d6bd..20ef14e7 100644
--- a/server/src/server.ts
+++ b/server/src/server.ts
@@ -92,7 +92,7 @@ app.get('/', function (req, res) {
 
 // Add CORS headers
 app.use((req, res, next) => {
-  res.header('Access-Control-Allow-Origin', '*');
+  res.header('Access-Control-Allow-Origin', process.env.PUBLIC_URL || 'http://localhost:5173');
   res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
   res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization');
   if (req.method === 'OPTIONS') {