From a8ec1e36aba0e61cc29321a8a8d2e824e094af3c Mon Sep 17 00:00:00 2001 From: "Marcelo M. Maciel" <4993482+marcelo-maciel@users.noreply.github.com> Date: Thu, 2 Jul 2026 02:46:44 -0300 Subject: [PATCH] chore(host): point default CORS allow-list at the React client origins `CorsOptions.AllowedOrigins` still listed `https://localhost:4200` (Angular) and `https://localhost:7140`, neither of which any shipped client uses. The two front-ends this kit runs are `clients/admin` (http://localhost:5173) and `clients/dashboard` (http://localhost:5174). List those instead so the default dev config actually matches the apps. --- src/Host/FSH.Starter.Api/appsettings.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Host/FSH.Starter.Api/appsettings.json b/src/Host/FSH.Starter.Api/appsettings.json index 5a9628a5f8..293fdfebb6 100644 --- a/src/Host/FSH.Starter.Api/appsettings.json +++ b/src/Host/FSH.Starter.Api/appsettings.json @@ -97,8 +97,8 @@ "CorsOptions": { "AllowAll": false, "AllowedOrigins": [ - "https://localhost:4200", - "https://localhost:7140" + "http://localhost:5173", + "http://localhost:5174" ], "AllowedHeaders": [ "content-type", "authorization" ], "AllowedMethods": [ "GET", "POST", "PUT", "DELETE" ]