fix: cors

src/config/config.ts

@@ -24,6 +24,10 @@ const refreshApi = axios.create({
 let isRefreshing = false
 let queue: any[] = []
 
+function shouldRedirectToSigninOnRefreshFailure(status?: number): boolean {
+  return status === 401 || status === 404
+}
+
 const processQueue = (error?: any) => {
   queue.forEach((p) => {
     if (error) p.reject(error)
@@ -121,7 +125,7 @@ async function performRefreshAndRetry(originalRequest: any): Promise<AxiosRespon
       return refreshApi.post("/auth/refresh", {})
     }
 
-    let refreshRes: any = await tryCookieRefresh()
+    const refreshRes: any = await tryCookieRefresh()
 
     const nextTokens = extractTokensFromResponsePayload(refreshRes?.data)
     if (nextTokens) setStoredTokens(nextTokens)
@@ -137,9 +141,8 @@ async function performRefreshAndRetry(originalRequest: any): Promise<AxiosRespon
     return api(originalRequest)
   } catch (refreshErr: any) {
     processQueue(refreshErr)
-    // Only force logout when refresh token/session is truly invalid (401).
-    // CRITICAL: We only redirect if it's a 401, which means the HttpOnly cookie is missing or invalid.
-    if (refreshErr?.response?.status === 401) {
+    // Treat missing/invalid refresh endpoints or sessions as logged-out state.
+    if (shouldRedirectToSigninOnRefreshFailure(refreshErr?.response?.status)) {
       clearStoredTokens()
       if (typeof window !== "undefined") {
         window.location.href = "/signin"

src/uhm/api/config.ts

@@ -28,20 +28,12 @@ export function stripGoongApiKeyFromUrl(rawUrl: string): string {
 
 export function buildGoongProxyUrl(rawUrl: string): string {
     const sanitizedUrl = stripGoongApiKeyFromUrl(rawUrl);
-    const templateTokens: string[] = [];
-    const tokenizedUrl = sanitizedUrl.replace(/\{[^}]+\}/g, (match) => {
-        const tokenId = `__UHM_GOONG_URL_TOKEN_${templateTokens.length}__`;
-        templateTokens.push(match);
-        return tokenId;
-    });
+    const proxyTarget = sanitizedUrl
+        .trim()
+        .replace(/^https?:\/\//i, "")
+        .replace(/^\/+/, "");
 
-    let encodedUrl = encodeURIComponent(tokenizedUrl);
-    templateTokens.forEach((token, index) => {
-        const encodedTokenId = encodeURIComponent(`__UHM_GOONG_URL_TOKEN_${index}__`);
-        encodedUrl = encodedUrl.replace(encodedTokenId, token);
-    });
-
-    return `${GOONG_PROXY_BASE_PATH}/${encodedUrl}`;
+    return `${GOONG_PROXY_BASE_PATH}/${proxyTarget}`;
 }
 
 export const GOONG_GLYPHS_PROXY_URL = buildGoongProxyUrl(GOONG_GLYPHS_UPSTREAM_URL);