Files
apf_portal/apps
Julien Gautier 986c3acea1
CI / commits (pull_request) Successful in 2m51s
CI / scan (pull_request) Successful in 3m0s
CI / check (pull_request) Successful in 3m9s
CI / a11y (pull_request) Successful in 3m2s
CI / perf (pull_request) Successful in 6m19s
fix(portal-bff): add portal-admin :4300 to CORS_ALLOWED_ORIGINS in .env.example
Caught while reviewing the previous port-correction commit on this
branch. The CORS section still pointed to "Add :4201 once portal-admin
grows its own dev server" — but portal-admin has its dev server (on
:4300, not :4201), and the SPA will hit the BFF with credentials as
soon as the admin auth flow lands. Without the origin in the allowlist
the browser blocks the call and the developer chases a CORS error
instead of getting to work.

Updates the example to list both dev origins and points at
`apps/<app>/project.json` `serve.options.port` as the source of truth
so future readers don't have to grep for it.

Local `.env` is on the developer to update — this only touches
`.env.example`. Behaviour change is opt-in.
2026-05-14 15:37:04 +02:00
..