From 33008b64cecc17de208df11e804bc3279f92732d Mon Sep 17 00:00:00 2001
From: echo <petrovskidimitar@yandex.com>
Date: Sat, 28 Feb 2026 15:33:45 +0100
Subject: [PATCH] fix: enhance CORS configuration with explicit methods and
 headers

---
 backend/src/main.ts | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/backend/src/main.ts b/backend/src/main.ts
index 20b8ab7..e7c8541 100644
--- a/backend/src/main.ts
+++ b/backend/src/main.ts
@@ -18,7 +18,11 @@ async function bootstrap() {
 
   app.enableCors({
     origin: allowedOrigins,
+    methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
+    allowedHeaders: ['Content-Type', 'Authorization', 'Accept', 'Origin'],
+    exposedHeaders: ['Content-Range', 'X-Content-Range'],
     credentials: true,
+    maxAge: 3600,
   });
 
   app.setGlobalPrefix('api/v1');