Implement proper CORS configuration for secure cross-origin usage

- Add flask-cors dependency and configure CORS with security best practices - Support configurable CORS origins via environment variables - Separate admin endpoint CORS configuration for enhanced security - Create comprehensive CORS configuration documentation - Add apiClient utility for CORS-aware frontend requests - Include CORS test page for validation - Update README with CORS configuration instructions 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-02 23:51:27 -06:00
parent dc3e67e17b
commit b08574efe5
8 changed files with 1589 additions and 253 deletions
--- a/README.md
+++ b/README.md
@@ -64,6 +64,20 @@ A mobile-friendly web application that translates spoken language between multip
 - Ollama provides access to the Gemma 3 model for translation
 - OpenAI Edge TTS delivers natural-sounding speech output

+## CORS Configuration
+
+The application supports Cross-Origin Resource Sharing (CORS) for secure cross-origin usage. See [CORS_CONFIG.md](CORS_CONFIG.md) for detailed configuration instructions.
+
+Quick setup:
+```bash
+# Development (allow all origins)
+export CORS_ORIGINS="*"
+
+# Production (restrict to specific domains)
+export CORS_ORIGINS="https://yourdomain.com,https://app.yourdomain.com"
+export ADMIN_CORS_ORIGINS="https://admin.yourdomain.com"
+```
+
 ## Mobile Support

 The interface is fully responsive and designed to work well on mobile devices.