Medium priority fixes: CORS from env, shared HasRadioSettings trait, lazy RconService, validated() fixes, LogoGenerator hardening, DB indexes, user profile consistency, radio rank N+1 fix

2026-06-04 20:05:36 +02:00
parent 4b6872e5e0
commit b2bb1811d0
11 changed files with 140 additions and 56 deletions
@@ -21,11 +21,11 @@ return [

    'allowed_methods' => array_filter(array_map(trim(...), explode(',', (string) env('CORS_ALLOWED_METHODS', 'GET,POST,PUT,PATCH,DELETE,OPTIONS'))), fn ($v) => $v !== ''),

-    'allowed_origins' => ['*'], // Zorgt ervoor dat alle origins (zoals je client/CMS) de imaging mogen inladen
+    'allowed_origins' => array_filter(array_map(trim(...), explode(',', (string) env('CORS_ALLOWED_ORIGINS', '*'))), fn ($v) => $v !== ''),

    'allowed_origins_patterns' => [],

-    'allowed_headers' => ['*'], // Flexibel instellen zodat er geen headers geblokkeerd worden
+    'allowed_headers' => array_filter(array_map(trim(...), explode(',', (string) env('CORS_ALLOWED_HEADERS', '*'))), fn ($v) => $v !== ''),

    'exposed_headers' => [],