From d2a41c9659b6efb8a82d4d1734aff757a541289b Mon Sep 17 00:00:00 2001
From: Ianus Inferus <10500058+IanusInferus@users.noreply.github.com>
Date: Sat, 30 Aug 2025 23:55:12 +0800
Subject: [PATCH] add "Access-Control-Allow-Origin: *" for direct access from
 browser web pages (e.g. ee-LittlePhone)

---
 bridge-server/src/index.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bridge-server/src/index.ts b/bridge-server/src/index.ts
index aa1bdc2..137999e 100644
--- a/bridge-server/src/index.ts
+++ b/bridge-server/src/index.ts
@@ -22,6 +22,7 @@ import { loadServerConfig } from './config/config.js';
 import { GcliMcpBridge } from './bridge/bridge.js';
 import { createOpenAIRouter } from './bridge/openai.js';
 import express from 'express';
+import cors from 'cors';
 import { logger } from './utils/logger.js';
 import { type SecurityPolicy } from './types.js';
 import yargs from 'yargs';
@@ -266,6 +267,7 @@ async function startMcpServer() {
   logger.info('-----------------------');
 
   const app = express();
+  app.use(cors());
   app.use(express.json({ limit: '50mb' }));
 
   // Start the MCP service.