Add cors, fixed graphql playground registration and security headers …

[ktsapo]

…on functional.

Summary by CodeRabbit

• Chores
  • GraphQL Playground is now enabled in all non-production environments, expanding from development-only access and providing better API exploration capabilities across staging and other non-production settings.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 3ca3d5a0-8d2f-4344-865d-e7380f7b230b

📥 Commits

Reviewing files that changed from the base of the PR and between dfcdb3c and 2e089ef.

⛔ Files ignored due to path filters (2)

• shesha-functional-tests/backend/src/Boxfusion.SheshaFunctionalTests.Web.Host/Controllers/HomeController.cs is excluded by !shesha-functional-tests/** and included by none
• shesha-functional-tests/backend/src/Boxfusion.SheshaFunctionalTests.Web.Host/Startup/Startup.cs is excluded by !shesha-functional-tests/** and included by none

📒 Files selected for processing (1)

• shesha-core/src/Shesha.Web.Host/Startup/Startup.cs

---

Walkthrough

GraphQL Playground enablement condition in the Startup configuration was updated from checking development environment (IsDevelopment()) to checking non-production environments (!IsProduction()), allowing the playground to be accessible in all non-production environments rather than only development.

Changes

Cohort / File(s)	Summary
GraphQL Playground Configuration shesha-core/src/Shesha.Web.Host/Startup/Startup.cs	Updated GraphQL Playground enablement condition from IsDevelopment() to !IsProduction() to expand availability across all non-production environments.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A hop through the environments we go,
GraphQL Playground now puts on a show,
Not just in dev, but staging too,
More playgrounds to explore, tried and true! 🎡

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title mentions adding CORS, fixing GraphQL playground registration, and security headers, which aligns with the actual change of enabling GraphQL Playground in non-production environments instead of just development.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}