Improve CORS security and add Helmet#50
Conversation
gbowne1
added
enhancement
gbowne1
left a comment
gbowne1
left a comment
There was a problem hiding this comment.
I checked out this change locally for testing and review for merge
This PR adds cors options to the server.
This might now conflict if #55 gets merged as we changed to an async/await for the server and or database connection there.
It does work properly as is but might need to be checked against #55
I'll approve this PR for merge pending further review by other collaborators and maintainers.
Ensure that this PR won't conflict when #55 gets merged.
Thanks for the opportunity to review your PR and for your contribution to this project. Please feel free to work on this project issues
|
@shishir-21 Thanks for the review. I'll merge after 1 more review |
shishir-21
left a comment
shishir-21
left a comment
There was a problem hiding this comment.
I have already reviewed this pr,
and No additional blocking comments from my side.
|
My bad sorry. |
|
No problem 👍 |
|
Thanks everyone for the reviews and merging this PR. |
|
Sorry for the delay we're going through a review process with the PRs we have now |
4 participants
Security Setup
This server uses CORS and Helmet for basic security.
CORS only allows requests from the frontend URL.
Helmet adds common HTTP security headers.
Local Environment Setup
Create a .env file in the project root.
Add these values:
PORT=3000
MONGODB_URI=your_mongodb_connection_string
CLIENT_URL=http://localhost:3000
Then start the server.
npm install
npm start