fix(qa): resolve remaining console errors & network errors on main routes (TEC-3079)

- fix(web): add ws:// to CSP connect-src for Socket.IO WebSocket connections
- fix(web): guard priceChangePct?.d7 / priceChangePct?.d30 against null in KpiStrip
- fix(api): add web-vitals POST to CSRF exclusion in both app.module and shared.module
- fix(api): use controller-relative path (web-vitals) not prefixed path for NestJS .exclude()

Result: 0 console errors, 0 network 4xx/5xx on /, /login, /register, /search

Co-Authored-By: Paperclip <noreply@paperclip.ing>
Ho Ngoc Hai
2026-04-21 16:48:01 +07:00
parent 08b96f9c2d
commit 566ad75c0e
4 changed files with 7 additions and 3 deletions

@@ -72,6 +72,8 @@ export class SharedModule implements NestModule {
{ path: 'auth/refresh', method: RequestMethod.POST },
{ path: 'auth/exchange-token', method: RequestMethod.POST },
{ path: 'auth/logout', method: RequestMethod.POST },
{ path: 'api/v1/web-vitals', method: RequestMethod.POST }, // sendBeacon cannot send CSRF headers
{ path: 'web-vitals', method: RequestMethod.POST }, // middleware exclude uses controller-relative path
)
.forRoutes('*');
}
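Review bot: The two entries added to the `.exclude()` list name the same endpoint twice, and the commit message says the controller-relative form is the one NestJS matches, so `{ path: 'api/v1/web-vitals', method: RequestMethod.POST }` looks like dead configuration; drop it, or state in its comment why both forms are needed. Since this takes CSRF checking off a POST route, please confirm the web-vitals handler does not act on session cookies or change per-user state, and that it bounds body size and request rate, because cross-site pages can now submit to it. If the missing header in sendBeacon is the only reason for the exclusion, `fetch` with `keepalive: true` can carry the CSRF header and would let the route stay protected. The commit message also says the same exclusion is added in app.module; a single shared constant for the exclusion list would keep the two modules from drifting apart.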