ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-17 23:05:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

Browse source
This commit is contained in:
noexcs 2025-04-27 21:29:13 +08:00
parent 1349bc47b1
commit 4b9b24ae78
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
backend/open_webui/config.py
View file

@ -1255,7 +1255,7 @@ def validate_cors_origin(origin):
# To test CORS_ALLOW_ORIGIN locally, you can set something like # To test CORS_ALLOW_ORIGIN locally, you can set something like
# CORS_ALLOW_ORIGIN=http://localhost:5173;http://localhost:8080 # CORS_ALLOW_ORIGIN=http://localhost:5173;http://localhost:8080
# in your .env file depending on your frontend port, 5173 in this case. # in your .env file depending on your frontend port, 5173 in this case.
CORS_ALLOW_ORIGIN = os.environ.get("CORS_ALLOW_ORIGIN", "*").split(";") CORS_ALLOW_ORIGIN = os.environ.get("CORS_ALLOW_ORIGIN", "*;http://localhost:5173;http://localhost:8080").split(";")
if "*" in CORS_ALLOW_ORIGIN: if "*" in CORS_ALLOW_ORIGIN:
log.warning( log.warning(