improve sanctum stateful url setup and add default origin policy header

sublinks · Apr 18, 2024 · e2343d9 · e2343d9
1 parent bd000e8
commit e2343d9
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/config/sanctum.php b/config/sanctum.php
@@ -15,8 +15,8 @@
 
     'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
         '%s%s',
-        '::1,localhost:8500,localhost:8080,127.0.0.1:8500,127.0.0.1:8080',
-        env('APP_URL') ? ','.parse_url(env('APP_URL'), PHP_URL_HOST) : ''
+        '::1,127.0.0.1:8500,localhost:8500,localhost:8080,127.0.0.1:8080',
+        env('APP_URL') ? ',' . (parse_url(env('APP_URL'), PHP_URL_PORT) ? parse_url(env('APP_URL'), PHP_URL_HOST) . ':' . parse_url(env('APP_URL'), PHP_URL_PORT) : parse_url(env('APP_URL'), PHP_URL_HOST)) : ''
     ))),
 
     /*

diff --git a/nginx.default.conf b/nginx.default.conf
@@ -13,6 +13,8 @@ server {
 
     client_max_body_size 8M;
 
+    add_header Referrer-Policy 'origin';
+
     location / {
         # First attempt to serve request as file, then
         # as directory, then fall back to index.php