fix(caddy): allow CORS on distribution /launcher/* for launcher.json fetch
The landing page (apex origin) fetches launcher.json from the distribution vhost cross-origin to render download buttons; add Access-Control-Allow-Origin on /launcher/* so the browser doesn't block it. Public assets, no credentials. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -3,5 +3,8 @@
|
||||
# /srv/distribution by the caddy service in docker-compose.yml.
|
||||
http://distribution.{$BASE_DOMAIN} {
|
||||
root * /srv/distribution
|
||||
# The landing page (apex origin) fetches launcher.json cross-origin to render
|
||||
# the download buttons. Allow it — launcher assets are fully public, no creds.
|
||||
header /launcher/* Access-Control-Allow-Origin "*"
|
||||
file_server browse
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user