From ca41aee64fefd92b62b913dd9eb2a34ae658916d Mon Sep 17 00:00:00 2001
From: Pablo de la Torre Jamardo <pablodelatorree@gmail.com>
Date: Sat, 20 Sep 2025 10:22:10 +0200
Subject: [PATCH] chore: configure CORS

---
 .../portfolio/infrastructure/config/CorsConfig.java   | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/infrastructure/src/main/java/com/pablotj/portfolio/infrastructure/config/CorsConfig.java b/infrastructure/src/main/java/com/pablotj/portfolio/infrastructure/config/CorsConfig.java
index f5a5fe8..523e2c5 100644
--- a/infrastructure/src/main/java/com/pablotj/portfolio/infrastructure/config/CorsConfig.java
+++ b/infrastructure/src/main/java/com/pablotj/portfolio/infrastructure/config/CorsConfig.java
@@ -1,5 +1,6 @@
 package com.pablotj.portfolio.infrastructure.config;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@@ -7,10 +8,16 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 @Configuration
 public class CorsConfig implements WebMvcConfigurer {
 
+    @Value("${app.cors.allowed-origins}")
+    private String allowedOriginsString;
+
     @Override
     public void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**") // todos los endpoints que comiencen con /api/
-                .allowedOrigins("http://127.0.0.1:3000", "http://localhost:3000", "https://pablotj.com")
+
+        String [] allowedOrigins = allowedOriginsString.split(",");
+
+        registry.addMapping("/**")
+                .allowedOrigins(allowedOrigins)
                 .allowedMethods("GET", "POST", "PUT", "DELETE")
                 .allowedHeaders("*");
     }