From 49f38aac6ddfa9461f8643a9f0265fadb1c5f644 Mon Sep 17 00:00:00 2001 From: deminearchiver Date: Sun, 24 Nov 2024 15:08:16 +0300 Subject: [PATCH] hotfix --- apps/backend/src/lib/app.py | 13 +++++++------ apps/frontend/src/routes/play/index.tsx | 6 ++++-- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/apps/backend/src/lib/app.py b/apps/backend/src/lib/app.py index dc9cbc7..4936204 100644 --- a/apps/backend/src/lib/app.py +++ b/apps/backend/src/lib/app.py @@ -22,12 +22,13 @@ def get_db() -> DB: db = g._database = DB("db.db") db.connect() return db - + @app.after_request def apply_caching(response: Response): response.headers['Access-Control-Allow-Credentials'] = 'true' + response.headers['Content-Security-Policy'] = 'upgrade-insecure-requests' return response @@ -69,22 +70,22 @@ def get_data(): db.add_answer_to_user_history(_id=user_id, answer_id=answer._id) print(f"answer: {answer.to_json()}") - + return make_on_event_json_response(db, user_id) - + @app.route("/create_user", methods=['POST']) @cross_origin() def create_user(): user_id = request.cookies.get('user_id') db = get_db() - + if not user_id: user_id = str(uuid.uuid4()) db.create_user(_id=user_id, money=15000) - + user = db.get_user(user_id) - + data = return_last_data(user) response = make_response(jsonify(data)) diff --git a/apps/frontend/src/routes/play/index.tsx b/apps/frontend/src/routes/play/index.tsx index 5274df1..68f453a 100644 --- a/apps/frontend/src/routes/play/index.tsx +++ b/apps/frontend/src/routes/play/index.tsx @@ -33,7 +33,8 @@ const createSession = async () => { url, { method: "POST", - credentials: "include", + // credentials: "include", + mode: "no-cors", headers: { "Accept": "application/json", "Content-Type": "application/json" @@ -51,7 +52,8 @@ const fetchNextEvent = async (id?: string) => { url, { method: "POST", - credentials: "include", + // credentials: "include", + mode: "no-cors", headers: { "Accept": "application/json", "Content-Type": "application/json"