application.configuration ve allowedHosts kısmına Wildcard seçeneği eklendi

api/src/Kurs.Platform.HttpApi.Host/Program.cs

@@ -78,7 +78,6 @@ public class Program
             var extraOrigins = (builder.Configuration["App:CorsOrigins"] ?? "")
                 .Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries);
 
-            // Her ortamda tek policy tanımla; kuralları içeride ayır
             builder.Services.AddCors(options =>
             {
                 options.AddPolicy("Dynamic", policy =>
@@ -95,9 +94,8 @@ public class Program
                             var scheme = uri.Scheme.ToLowerInvariant();
                             var host = uri.Host.ToLowerInvariant();
 
-                            if (builder.Environment.IsProduction())
+                            if (builder.Environment.IsProduction()) //IsProduction
                             {
-                                // PROD: sadece HTTPS + *.baseDomain + (isteğe bağlı) extraOrigins
                                 if (scheme != "https") return false;
 
                                 if (!string.IsNullOrWhiteSpace(baseDomain))
@@ -107,7 +105,6 @@ public class Program
                                         return true;
                                 }
 
-                                // App:CorsOrigins içindeki tam domainleri de kabul et
                                 foreach (var o in extraOrigins)
                                 {
                                     if (Uri.TryCreate(o, UriKind.Absolute, out var eo)
@@ -120,22 +117,13 @@ public class Program
 
                                 return false;
                             }
-                            else
+                            else //IsDevelopment
                             {
-                                // DEV/LOCAL: localhost ve dev-* subdomainleri
-                                if (host == "localhost" || host == "127.0.0.1" || host == "[::1]")
+                                if (scheme == "https" && (host == "localhost" || host == "127.0.0.1" || host == "[::1]")
+                                    || (scheme == "http" && (host == "localhost" || host == "127.0.0.1" || host == "[::1]"))
+                                    || (!string.IsNullOrWhiteSpace(baseDomain) && (host == $"dev.{baseDomain.ToLowerInvariant()}")))
                                     return true;
 
-                                // Örn. dev-*.sozsoft.com gibi bir pattern istiyorsan:
-                                if (!string.IsNullOrWhiteSpace(baseDomain) &&
-                                    (host.StartsWith("dev-") && host.EndsWith("." + baseDomain!.ToLowerInvariant())))
-                                    return true;
-
-                                // İstersen http de kabul et (vite genelde http çalışır)
-                                if (scheme == "http" && (host == "localhost" || host == "127.0.0.1"))
-                                    return true;
-
-                                // İsteğe bağlı: extraOrigins development’ta da geçerli olsun dersen:
                                 foreach (var o in extraOrigins)
                                 {
                                     if (Uri.TryCreate(o, UriKind.Absolute, out var eo)

api/src/Kurs.Platform.HttpApi.Host/appsettings.Dev.json

@@ -6,7 +6,8 @@
         "RedirectAllowedUrls": "https://dev.sozsoft.com,https://dev.sozsoft.com/authentication/callback",
         "AttachmentsPath": "/etc/api/mail-queue/attachments",
         "CdnPath": "/etc/api/cdn",
-        "ImportPath": "/etc/api/import"
+        "ImportPath": "/etc/api/import",
+        "BaseDomain": "sozsoft.com"
     },
     "ConnectionStrings": {
         "SqlServer": "Server=sql;Database=KURS;User Id=sa;password=NvQp8s@l;Trusted_Connection=False;TrustServerCertificate=True;",

api/src/Kurs.Platform.HttpApi.Host/appsettings.Production.json

@@ -2,12 +2,12 @@
     "App": {
         "SelfUrl": "https://api.sozsoft.com",
         "ClientUrl": "https://sozsoft.com",
-        "BaseDomain": "sozsoft.com",
         "CorsOrigins": "https://sozsoft.com",
         "RedirectAllowedUrls": "https://sozsoft.com,https://sozsoft.com/authentication/callback",
         "AttachmentsPath": "/etc/api/mail-queue/attachments",
         "CdnPath": "/etc/api/cdn",
-        "ImportPath": "/etc/api/import"
+        "ImportPath": "/etc/api/import",
+        "BaseDomain": "sozsoft.com"
     },
     "ConnectionStrings": {
         "SqlServer": "Server=sql;Database=KURS;User Id=sa;password=NvQp8s@l;Trusted_Connection=False;TrustServerCertificate=True;",

api/src/Kurs.Platform.HttpApi.Host/appsettings.json

@@ -2,7 +2,7 @@
     "App": {
         "SelfUrl": "https://localhost:44344",
         "ClientUrl": "http://localhost:3000",
-        "CorsOrigins": "http://localhost,http://localhost:3000,http://localhost:3001,http://localhost:3003,http://localhost:4200,http://localhost:5173",
+        "CorsOrigins": "http://localhost,http://localhost:3000,http://localhost:4200",
         "RedirectAllowedUrls": "http://localhost:4200,http://localhost:4200/authentication/callback",
         "AttachmentsPath": "C:\\Private\\Projects\\sozsoft\\configs\\mail-queue\\attachments",
         "CdnPath": "C:\\Private\\Projects\\sozsoft\\configs\\docker\\data\\cdn",

ui/vite.config.ts

@@ -65,7 +65,7 @@ export default defineConfig(async ({ mode }) => {
       host: '0.0.0.0',
       port: 80,
       open: false,
-      allowedHosts,
+      allowedHosts: ['localhost', '.sozsoft.com'],
     },
     define: {
       'process.env': {},