firefrost-gaming/firefrost-services
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: CORS configuration for Stripe checkout endpoint

Browse Source 
Fixed CORS to properly handle both www and non-www origins plus OPTIONS preflight.

ISSUE:
- Subscribe button click from website showed error alert
- No request logged in Trinity Console (request blocked by CORS)
- Original config only allowed https://firefrostgaming.com (no www)
- Missing OPTIONS method for preflight requests

FIX:
- Added both origins: firefrostgaming.com and www.firefrostgaming.com
- Added OPTIONS method for CORS preflight handling
- Added optionsSuccessStatus: 200 for legacy browser support

FILES MODIFIED:
- services/arbiter-3.0/src/index.js (CORS config, 3 lines changed)

TESTING:
- Deploy to Command Center
- Test subscribe button from firefrostgaming.com
- Should now successfully create Stripe checkout session

Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
This commit is contained in:
Claude (Chronicler #57)
2026-04-03 16:04:43 +00:00
parent 7567fef7d1
commit 99841f2197
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
services/arbiter-3.0/src/index.js
View File

@@ -48,9 +48,10 @@ app.use(express.urlencoded({ extended: true }));
// CORS configuration - Allow Stripe checkout requests from website
app.use('/stripe/create-checkout-session', cors({
origin: 'https://firefrostgaming.com',
methods: ['POST'],
credentials: false
origin: ['https://firefrostgaming.com', 'https://www.firefrostgaming.com'],
methods: ['POST', 'OPTIONS'],
credentials: false,
optionsSuccessStatus: 200
}));
// Make Discord client accessible to routes