fix dangerous cors config for directus service

2026-04-03 19:26:06 +05:30 · 2026-04-03 19:26:06 +05:30 · fa73d45b41
commit fa73d45b41
parent c5ec79bbb8
1 changed files with 1 additions and 1 deletions
--- a/templates/compose/directus.yaml
+++ b/templates/compose/directus.yaml
@ -23,7 +23,7 @@ services:
      - DB_FILENAME=/directus/database/data.db
      - WEBSOCKETS_ENABLED=true
      - CORS_ENABLED=${CORS_ENABLED:-true}
-      - CORS_ORIGIN=${CORS_ORIGIN:-true}
+      - CORS_ORIGIN=${CORS_ORIGIN}
      - CORS_METHODS=${CORS_METHODS:-GET,POST,PATCH,DELETE,OPTIONS}
      - CORS_ALLOWED_HEADERS=${CORS_ALLOWED_HEADERS:-Content-Type,Authorization}
      - CORS_CREDENTIALS=${CORS_CREDENTIALS:-true}