Bug fixes

2026-05-22 04:00:02 +02:00
parent 7227bc97fc
commit 10bfdfb914
8 changed files with 1308 additions and 43 deletions
--- a/crates/cgcx-server/src/main.rs
+++ b/crates/cgcx-server/src/main.rs
@@ -107,6 +107,19 @@ type AppResult<T> = Result<T, AppError>;
 async fn main() -> cgcx_core::Result<()> {
    tracing_subscriber::fmt::init();

+    // Log panics so we can diagnose 500s that CatchPanicLayer swallows.
+    std::panic::set_hook(Box::new(|info| {
+        let msg = if let Some(s) = info.payload().downcast_ref::<&str>() {
+            s.to_string()
+        } else if let Some(s) = info.payload().downcast_ref::<String>() {
+            s.clone()
+        } else {
+            "unknown panic payload".to_string()
+        };
+        let location = info.location().map(|l| format!("{}:{}", l.file(), l.line())).unwrap_or_default();
+        tracing::error!("PANIC at {}: {}", location, msg);
+    }));
+
    let config = Arc::new(Config::load()?);
    config.validate()?;

@@ -161,24 +174,24 @@ async fn main() -> cgcx_core::Result<()> {
    let static_service = ServeDir::new("frontend/dist")
        .fallback(ServeFile::new("frontend/dist/index.html"));

-    let base_url = config.server.base_url.clone();
-    let cors = CorsLayer::new()
-        .allow_origin(AllowOrigin::predicate(move |origin: &HeaderValue, _request_parts: &_| {
-            if let Ok(origin_str) = origin.to_str() {
-                if origin_str == base_url {
-                    return true;
-                }
-                // Allow localhost origins for development
-                if origin_str.starts_with("http://127.0.0.1:") 
-                    || origin_str.starts_with("http://localhost:")
-                    || origin_str.starts_with("https://127.0.0.1:")
-                    || origin_str.starts_with("https://localhost:")
-                {
-                    return true;
-                }
+    let mut origins: Vec<HeaderValue> = vec![
+        config.server.base_url.parse().expect("invalid server.base_url"),
+    ];
+    for origin in [
+        "http://127.0.0.1:5173",
+        "http://localhost:5173",
+        "http://127.0.0.1:8090",
+        "http://localhost:8090",
+    ] {
+        if let Ok(hv) = origin.parse::<HeaderValue>() {
+            if !origins.contains(&hv) {
+                origins.push(hv);
            }
-            false
-        }))
+        }
+    }
+
+    let cors = CorsLayer::new()
+        .allow_origin(AllowOrigin::list(origins))
        .allow_methods([Method::GET, Method::POST, Method::HEAD, Method::OPTIONS])
        .allow_headers([header::CONTENT_TYPE, header::AUTHORIZATION, header::ACCEPT, header::ACCEPT_ENCODING, header::RANGE])
        .allow_credentials(true)