pop
/
vibed
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
quotesdb
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b335009a21'
${ noResults }
vibed/quotesdb/.beans/quotesdb-xg67--triage-local...

45 lines
2.1 KiB
Markdown
Raw Blame History

---
# quotesdb-xg67
title: '[TRIAGE] Local dev CORS and Trunk API proxy config (trunk serve proxying to api on different port)'
status: completed
type: task
priority: critical
created_at: 2026-03-10T23:32:09Z
updated_at: 2026-03-10T23:32:09Z
---
<context>
This is a triage decision ticket. It must be resolved before dependent implementation tickets can proceed.
</context>
<question>
Local dev CORS and Trunk proxy config: during `trunk serve`, the UI runs on one port and the API on another. How do we handle cross-origin API calls in development?
</question>
<options>
1. **Trunk proxy** — configure Trunk to proxy `/api/*` requests to the API server. No CORS needed. Add to `Trunk.toml`.
2. **CORS middleware on API** — add `tower-http` CORS middleware to the Axum router, allowing localhost origins in development.
3. **Same-origin in production** — in production, both are served from the same Cloudflare account; in dev, use the Trunk proxy.
</options>
<resolution status="resolved">
**Chosen approach: Option 1 — Trunk proxy.**
Rationale:
- Mirrors the production architecture: Cloudflare routes `/api/*` to the Worker at the same domain as the Pages site. No CORS configuration is needed in production either.
- Frontend uses **relative URLs** (`/api/quotes`, not `http://localhost:3000/api/quotes`). The same paths work in both dev (Trunk proxies them) and production (Cloudflare routes them).
- Zero CORS configuration: no `tower-http` CORS middleware, no `Access-Control-Allow-Origin` headers. Simpler API, smaller attack surface.
- Port: API runs on `localhost:3000` via `cargo run` (plain Axum/Tokio for local dev).
Implementation:
- `Trunk.toml` — add `[[proxy]] rewrite = "/api" backend = "http://localhost:3000"`. See ticket 00d6d7.
- `src/bin/ui/api.rs` — use relative URLs only. See ticket 1e6a09.
Updated tickets: dc3d2b (Trunk.toml setup), 1e6a09 (API client module).
Created ticket: 00d6d7 (dedicated implementation task for the proxy config).
</resolution>
<commit>
`chore(quotesdb): resolve triage — local-dev-cors-and-trunk-api-proxy-config-trunk-serve-proxyi`
</commit>
Reference in New Issue View Git Blame Copy Permalink