From cf3084cfa8e151c78f55a24af05dddb9d3a0fc71 Mon Sep 17 00:00:00 2001
From: Elias Schneider <login@eliasschneider.com>
Date: Sun, 30 Mar 2025 22:30:22 +0200
Subject: [PATCH] refactor: remove cors exception from middleware as this is
 handled by the handler

---
 backend/internal/middleware/cors.go | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/backend/internal/middleware/cors.go b/backend/internal/middleware/cors.go
index 955c1a5f..6427ae12 100644
--- a/backend/internal/middleware/cors.go
+++ b/backend/internal/middleware/cors.go
@@ -15,13 +15,7 @@ func NewCorsMiddleware() *CorsMiddleware {
 
 func (m *CorsMiddleware) Add() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		// Allow all origins for the token endpoint
-		if c.FullPath() == "/api/oidc/token" {
-			c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
-		} else {
-			c.Writer.Header().Set("Access-Control-Allow-Origin", common.EnvConfig.AppURL)
-		}
-
+		c.Writer.Header().Set("Access-Control-Allow-Origin", common.EnvConfig.AppURL)
 		c.Writer.Header().Set("Access-Control-Allow-Headers", "*")
 		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")