Skip to content

Fix CORS configuration for production frontend#19

Merged
rcjasub merged 1 commit into
mainfrom
railway/code-change-va6gqP
Apr 24, 2026
Merged

Fix CORS configuration for production frontend#19
rcjasub merged 1 commit into
mainfrom
railway/code-change-va6gqP

Conversation

@railway-app

@railway-app railway-app Bot commented Apr 24, 2026

Copy link
Copy Markdown
Contributor

Problem

The CORS configuration in backend/server.ts only allowed http://localhost:5173 (via CLIENT_URL fallback), so all requests from the production frontend at https://free-form-code-production.up.railway.app were rejected with CORS errors, surfacing as 502 Bad Gateway responses. Both the Express middleware and the Socket.io server shared this single-origin restriction.

Solution

Replaced the single-origin string with an allowedOrigins array that explicitly includes both http://localhost:5173 (local dev) and https://free-form-code-production.up.railway.app (production). If CLIENT_URL is also set as an environment variable, it is spread into the array as well, keeping the escape hatch for future custom deployments. Both the cors() middleware and the Socket.io cors option now reference the same shared array.

Changes

  • Modified backend/server.ts

Generated by Railway

@vercel

vercel Bot commented Apr 24, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
free-form-code Ready Ready Preview, Comment Apr 24, 2026 4:16am

@rcjasub rcjasub merged commit a2c3e8d into main Apr 24, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant