CORS

app/main.py

@@ -1,10 +1,27 @@
 from fastapi import FastAPI, HTTPException
+from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import JSONResponse
 from fastapi.encoders import jsonable_encoder
 from app.schemas import QueryPayload, ExecutePayload
 from app.db import get_engine, run_query, run_execute
 
-app = FastAPI(title="MSSQL ODBC Service", version="1.1.0")
+app = FastAPI(title="Polo informatico SQL API", version="1.0.0")
+
+ALLOWED_ORIGINS = [
+    "http://192.168.10.94/",
+    "http://192.168.10.94:8080/",
+    "http://localhost:8080",
+    "http://localhost"
+]
+
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=ALLOWED_ORIGINS,
+    allow_credentials=False,                   # set True only if you use cookies/auth
+    allow_methods=["GET", "POST", "OPTIONS"],  # include OPTIONS for preflight
+    allow_headers=["*"],                       # or list specific headers
+    max_age=86400,                             # cache preflight for 1 day
+)
 
 def _trim_strings(obj):
     if isinstance(obj, str):