Simplified CORS header

2026-01-03 12:00:00 -06:00 · 2025-08-27 15:42:00 -04:00
parent a66c9c89bb
commit f16de2207d
2 changed files with 5 additions and 33 deletions
--- a/libs/python/agent/agent/proxy/examples.py
+++ b/libs/python/agent/agent/proxy/examples.py
@@ -30,7 +30,7 @@ async def test_http_endpoint():
            # Simple text request
            {
                "model": "anthropic/claude-3-5-sonnet-20241022",
-                "input": "Tell me a three sentence bedtime story about a unicorn.",
+                "input": "Hello!",
                "env": {
                    "ANTHROPIC_API_KEY": anthropic_api_key
                }
@@ -70,6 +70,7 @@ async def test_http_endpoint():
                    result = await response.json()
                    print(f"Status: {response.status}")
                    print(f"Response: {json.dumps(result, indent=2)}")
+                    print(f"Response Headers: {response.headers}")
                    
            except Exception as e:
                print(f"Error: {e}")
--- a/libs/python/computer-server/computer_server/main.py
+++ b/libs/python/computer-server/computer_server/main.py
@@ -658,27 +658,14 @@ async def agent_response_endpoint(
        "usage": total_usage,
    }

-    # Set CORS headers for allowed origins only
-    origin = request.headers.get("origin")
-    allowed_origins = {
-        "http://localhost",
-        "http://localhost:3000",
-        "http://localhost:5173",
-        "http://127.0.0.1",
-        "http://127.0.0.1:3000",
-        "https://trycua.com",
-        "https://www.trycua.com",
-    }
-
+    # CORS: allow any origin
    headers = {
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Access-Control-Allow-Methods": "POST, OPTIONS",
        "Access-Control-Allow-Headers": "Content-Type, X-Container-Name, X-API-Key",
+        "Access-Control-Allow-Origin": "*",
    }
-    if origin and origin in allowed_origins:
-        headers["Access-Control-Allow-Origin"] = origin
-        headers["Vary"] = "Origin"

    return JSONResponse(content=payload, headers=headers)

@@ -686,30 +673,14 @@ async def agent_response_endpoint(
@app.options("/responses")
 async def agent_response_options(request: Request):
    """CORS preflight for /responses"""
-    origin = request.headers.get("origin")
-    allowed_origins = {
-        "http://localhost",
-        "http://localhost:3000",
-        "http://localhost:3001",
-        "http://localhost:5173",
-        "http://127.0.0.1",
-        "http://127.0.0.1:3000",
-        "http://127.0.0.1:3001",
-        "https://trycua.com",
-        "https://www.trycua.com",
-    }
-
    headers = {
        "Cache-Control": "no-cache",
        "Connection": "keep-alive",
        "Access-Control-Allow-Methods": "POST, OPTIONS",
        "Access-Control-Allow-Headers": "Content-Type, X-Container-Name, X-API-Key",
        "Access-Control-Max-Age": "600",
+        "Access-Control-Allow-Origin": "*",
    }
-    if origin and origin in allowed_origins:
-        headers["Access-Control-Allow-Origin"] = origin
-        headers["Vary"] = "Origin"
-
    return JSONResponse(content={}, headers=headers)