File tree Expand file tree Collapse file tree 1 file changed +7
-1
lines changed Expand file tree Collapse file tree 1 file changed +7
-1
lines changed Original file line number Diff line number Diff line change @@ -22,7 +22,13 @@ const config: Configuration = {
2222 //
2323 // REMARK: needs webpack-dev-server import at top of file for typings
2424 devServer : {
25- allowedHosts : "all" ,
25+ // allowedHosts are services that can access the running server. headers
26+ // are attached to all responses by the dev server. In v1, we use CODERD_HOST for
27+ // allowed host and origin in order to mitigate security risks. We don't have
28+ // an equivalent in v2 (at the moment) - but we can allow localhost and cdr.dev,
29+ // so that the site is accessible through dev urls.
30+ // We don't want to use 'all' or '*' and risk a security hole in our dev environments.
31+ allowedHosts : [ "localhost" , ".cdr.dev" ] ,
2632
2733 // client configures options that are observed in the browser/web-client.
2834 client : {
You can’t perform that action at this time.
0 commit comments