REDCODE de9cd618b6 docs: fix stale column references and tooling versions in AGENTS.md
- Update dotnet-tools.json location reference
- Fix EF Core Tools version (both now v10.0.9)
- Remove stale SharedWith.Any() EF Core gotcha (per-user sharing removed)
- Fix index example to use Visibility/UploadedBy columns
2026-07-15 18:41:37 +02:00
2026-07-08 01:08:00 +02:00
2026-07-08 01:08:00 +02:00
2025-07-13 22:25:26 +02:00

Milky Shots

MilkyShot logo

A place where to look for images

TODO: fill more information here

Configuration

CORS allowed origins

The API uses a CORS policy to control which browser origins may call it. Allowed origins are configured via the CorsAllowedOrigins key.

appsettings.json (default / development)

{
  "CorsAllowedOrigins": [ "http://localhost:5269", "http://localhost:8080" ]
}

Environment variable (Docker / production)

Set the CorsAllowedOrigins environment variable to a semicolon-separated list of origins. This value replaces the entire array from appsettings.json, so you must list every origin you want to allow:

CorsAllowedOrigins=http://myserver:8080
# or multiple origins:
CorsAllowedOrigins=http://myserver:8080;https://myserver.example.com

To allow any origin (useful when the server IP is unknown at deploy time):

CorsAllowedOrigins=*

⚠️ Security warning: Setting CorsAllowedOrigins=* disables CORS origin checking entirely — any website can make authenticated requests to the API from a visitor's browser. Only use this option in fully trusted, self-hosted environments where you control all network access. For any internet-facing deployment always specify explicit origins instead.

This is already set up in docker-compose.yml — override it with your server's hostname/IP if you are not running on localhost.

Configuring CORS for the MilkStream frontend

MilkStream is the Blazor WASM frontend that talks to the Lactose API. Because the browser fetches the API directly, the origin of MilkStream as seen by the browser must be listed in CorsAllowedOrigins on the Lactose service.

The two services are mapped in docker-compose.yml as follows:

Service Container port Host port Browser URL (default)
lactose 8080 5162 http://yourserver:5162
milkstream 8080 8080 http://yourserver:8080

MilkStream's URL (http://yourserver:8080) must be added to Lactose's allowed origins, and LactoseBaseUrl on MilkStream must point to the URL the browser uses to reach Lactose (http://yourserver:5162).

Example — running on myserver.local:

# docker-compose.yml (relevant excerpts)
lactose:
  environment:
    - CorsAllowedOrigins=http://myserver.local:8080   # MilkStream origin seen by the browser

milkstream:
  environment:
    - LactoseBaseUrl=http://myserver.local:5162/      # Lactose URL seen by the browser

Example — running on localhost (default):

lactose:
  environment:
    - CorsAllowedOrigins=http://localhost:8080

milkstream:
  environment:
    - LactoseBaseUrl=http://localhost:5162/

If you expose MilkStream on a non-standard port or via HTTPS, adjust both values accordingly and list the exact scheme://host:port that appears in the browser's address bar.

Description
No description provided
Readme 432 MiB
Languages
C# 37.2%
SCSS 23.4%
CSS 20.8%
HTML 17.1%
JavaScript 1.4%