From 519bf0c7fe4f9bedb86501920cec1081a868df1a Mon Sep 17 00:00:00 2001 From: Rodri Sanchez Date: Mon, 6 Jul 2026 20:05:42 -0300 Subject: [PATCH] fix(cors): expose Request-Context header for App Insights correlation Cross-origin JavaScript can only read response headers listed in Access-Control-Expose-Headers. Exposing Request-Context lets the browser App Insights SDK read the server appId so dependencies are attributed to the Cboard API component on the Application Map. Part of #472 Co-Authored-By: Claude Fable 5 --- app.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app.js b/app.js index cf8de77e..674a9ff1 100644 --- a/app.js +++ b/app.js @@ -54,7 +54,8 @@ swaggerTools.initializeMiddleware(swaggerConfig, async function (middleware) { process.env.CBOARD_APP_URL, process.env.CBOARD_IOS_APP_URL, process.env.CBUILDER_APP_URL - ] + ], + exposedHeaders: ['Request-Context'] }) );