damanukyan/cryptowallet
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initvglidrbtgrthijl;

Browse Source
This commit is contained in:
ZOMBIIIIIII
2026-05-14 16:39:56 +03:00
parent 11ee5a2c7f
commit f6774243b2
7 changed files with 258 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.env.example
View File

@@ -35,8 +35,12 @@ REDIS_PASSWORD=
REDIS_DB=0
# ── CORS ────────────────────────────────────────────────────────────
# Comma-separated list of allowed origins. ПУСТО = no cross-origin.
# Никогда не используй wildcard *
# Comma-separated list of allowed origins, OR "*" для wildcard (dev/staging).
# ПУСТО = no cross-origin (fail-secure).
# Wildcard incompatible с CORS_ALLOW_CREDENTIALS=true (browser spec — credentials force=false).
# Production: явный whitelist для security (XSS на любом сайте не сможет дёрнуть API).
# Whitelist: CORS_ORIGINS=https://app.example.com,https://www.example.com
# Wildcard: CORS_ORIGINS=*
CORS_ORIGINS=
CORS_ALLOW_CREDENTIALS=true