allow any origins to pass request to skyvern backend by default; make…

… the ALLOWED_ORIGINS configurable through environment
Skyvern-AI · Jul 3, 2024 · 4c1c302 · 4c1c302
1 parent b791cc1
commit 4c1c302
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 11 deletions.
diff --git a/skyvern/config.py b/skyvern/config.py
@@ -31,6 +31,7 @@ class Settings(BaseSettings):
     JSON_LOGGING: bool = False
     LOG_LEVEL: str = "INFO"
     PORT: int = 8000
+    ALLOWED_ORIGINS: list[str] = ["*"]
 
     # Secret key for JWT. Please generate your own secret key in production
     SECRET_KEY: str = "RX1NvhujcJqBPi8O78-7aSfJEWuT86-fll4CzKc_uek"

diff --git a/skyvern/forge/api_app.py b/skyvern/forge/api_app.py
@@ -38,19 +38,9 @@ def get_agent_app(router: APIRouter = base_router) -> FastAPI:
     app = FastAPI()
 
     # Add CORS middleware
-    origins = [
-        "http://localhost:5000",
-        "http://127.0.0.1:5000",
-        "http://localhost:8000",
-        "http://127.0.0.1:8000",
-        "http://localhost:8080",
-        "http://127.0.0.1:8080",
-        # Add any other origins you want to whitelist
-    ]
-
     app.add_middleware(
         CORSMiddleware,
-        allow_origins=origins,
+        allow_origins=SettingsManager.get_settings().ALLOWED_ORIGINS,
         allow_credentials=True,
         allow_methods=["*"],
         allow_headers=["*"],