23 lines
1.2 KiB
JSON
23 lines
1.2 KiB
JSON
{
|
|
"phase": 1,
|
|
"phaseLabel": "Build MVP — CORS broken",
|
|
"status": "broken-cors",
|
|
"product": "DocFast — HTML/Markdown to PDF API",
|
|
"currentPriority": "CRITICAL BUG: The API has NO CORS headers. Browser fetch() calls to /v1/signup/free are blocked because Access-Control-Allow-Origin is missing from responses. This is why signup doesn't work in the browser despite working with curl. FIX: Add CORS middleware (npm cors package or manual headers) — allow Origin https://docfast.dev (or * for the API). Also handle OPTIONS preflight requests properly. Test with: curl -H 'Origin: https://docfast.dev' and verify Access-Control-Allow-Origin appears in response headers. DEPLOY and VERIFY on live site.",
|
|
"infrastructure": {
|
|
"domain": "docfast.dev",
|
|
"url": "https://docfast.dev",
|
|
"server": "docfast-1 (CAX11, nbg1)",
|
|
"serverIP": "167.235.156.214",
|
|
"sshKey": "/home/openclaw/.ssh/docfast",
|
|
"apiKey": "df_live_9760e44a3e732be0f8628a44e0cdbc040107499f6e8f457a"
|
|
},
|
|
"credentials": {
|
|
"file": "/home/openclaw/.openclaw/workspace/.credentials/docfast.env",
|
|
"keys": ["HETZNER_API_TOKEN", "STRIPE_SECRET_KEY"],
|
|
"NEVER_READ_DIRECTLY": true
|
|
},
|
|
"blockers": [],
|
|
"startDate": "2026-02-14",
|
|
"sessionCount": 12
|
|
}
|