Contact person: Business Client

Phone:Show

Email:Show

Location: WOBURN, United States

Budget: Recommended by industry experts

Time to start: As soon as possible

Project description:
"My simple chat app is built with a React frontend served by Nginx on an Ubuntu EC2 instance (public IP ‑ 3.235.226.188) and a Golang API listening on port 8080. When the browser tries to POST to /register I receive the error:

“Access to fetch at 'http://localhost:8080/register' from origin 'http://3.235.226.188' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `loopback`.”

I need the CORS policy tightened to allow requests only from specific public IPs (not a blanket *). Whether the change belongs in the Go server, the Nginx reverse-proxy rules, or both, I’m open to the cleanest approach as long as:

• The React app running at http://3.235.226.188 can successfully hit the Go endpoints without CORS errors
• Other origins remain blocked
• Your changes are documented so I can replicate them on staging and future instances

Please provide the updated Go code (or middleware), any necessary Nginx stanza, and a short step-by-step verification outline so I can confirm the fix immediately after deployment." (client-provided description)