synops/frontend/svelte.config.js at da04d42df20573a68ab9d3dab76b42a206db57d6 - vegard/synops - Synops Git: Gjørra sjæl!

vegard/synops

vegard da04d42df2 Deaktiver SvelteKit CSRF origin-sjekk for multi-subdomain

ORIGIN er hardkodet til ws.synops.no, men adm.synops.no trenger
også POST (auth callback). CSRF ivaretatt av OIDC PKCE+state.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-20 02:05:35 +00:00

17 lines

335 B

JavaScript

Raw Blame History

 import adapter from '@sveltejs/adapter-node';
 /** @type {import('@sveltejs/kit').Config} */
 const config = {
 	kit: {
 		adapter: adapter(),
 		csrf: {
 			checkOrigin: false
 		}
 	},
 	vitePlugin: {
 		dynamicCompileOptions: ({ filename }) =>
 			filename.includes('node_modules') ? undefined : { runes: true }
 	}
 };
 export default config;