From ad6bdfb7870f2a8f9d90e1d8533308e754f7bac0 Mon Sep 17 00:00:00 2001
From: Manas Srivastava
Date: Thu, 23 Apr 2026 23:32:31 +0530
Subject: [PATCH] fix: remove localhost default from MarketingURL
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The default for Server.MarketingURL was "http://localhost:5173" — harmless in local dev, catastrophic in production where an operator who hadn't configured MARKETING_URL (most of them) would have every post-OAuth redirect land on http://localhost:5173/dashboard.html. Dropping it to "" keeps the existing "if empty, 404 the marketing redirects" branch active, so a misconfigured deploy fails clean instead of silently shipping every signup to their own localhost.

The proper prod config (config.prod.yaml.tpl wiring MARKETING_URL + COOKIE_DOMAIN) is in PR #5. This change makes unset env vars safe even before PR #5 lands.
---
 internal/server/config.go | 6 +++++-
 internal/server/config_test.go | 3 +++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/internal/server/config.go b/internal/server/config.go
index 27ce514..ce1773c 100644
--- a/internal/server/config.go
+++ b/internal/server/config.go
@@ -196,7 +196,11 @@ func DefaultConfig() *Config {
 ReadTimeout: "10s",
 WriteTimeout: "30s",
 IdleTimeout: "60s",
- MarketingURL: "http://localhost:5173",
+ // Intentionally empty — an unset MarketingURL makes marketing
+ // redirects 404 cleanly. The old localhost default leaked into
+ // production OAuth redirects when operators forgot to set the
+ // env var, sending real users to http://localhost:5173.
+ MarketingURL: "",
 CookieDomain: "",
 AllowedOrigins: []string{
 "http://localhost:5173",
diff --git a/internal/server/config_test.go b/internal/server/config_test.go
index b3e4534..21acd25 100644
--- a/internal/server/config_test.go
+++ b/internal/server/config_test.go
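Review bot: The `AllowedOrigins` default on the last context lines of this hunk still carries `"http://localhost:5173"`, so the same forgot-to-configure production deploy this commit protects for MarketingURL still ships a localhost origin in its CORS allowlist; if the server sends credentialed CORS responses (not visible here), any process on a user's machine that can bind port 5173 gets credentialed cross-origin access to the API. Consider the same treatment, `AllowedOrigins: nil, // dev origins belong in dev config, not the prod default`, or a comment stating why the localhost entry is intentionally kept. The new doc comment also asserts that an empty MarketingURL "404s cleanly", which depends on a branch outside this hunk; naming that guard, e.g. `// relies on the empty-MarketingURL 404 check in the marketing redirect handler`, keeps the claim verifiable when someone edits that handler. The DefaultConfig literal continues past the end of the hunk.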
@@ -48,6 +48,9 @@ func TestDefaultConfig(t *testing.T) {
 if cfg.Email.FromAddress != "no-reply@example.com" {
 t.Errorf("Email.FromAddress = %q, want %q", cfg.Email.FromAddress, "no-reply@example.com")
 }
+ if cfg.Server.MarketingURL != "" {
+ t.Errorf("Server.MarketingURL default = %q, want empty string (no localhost leak in prod)", cfg.Server.MarketingURL)
+ }
 }
 
 // TestOverrideWithEnv_FillsEmptySecrets verifies env vars populate Config fields
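Review bot: The added assertion pins the default to "" but the property the commit actually relies on — that an empty MarketingURL makes the marketing redirect respond 404 instead of redirecting — is exercised nowhere in this hunk, so a later edit to that branch could reintroduce the redirect-to-localhost behavior while this test stays green. Add a handler-level test that builds a config with `Server.MarketingURL = ""`, requests the marketing redirect route (whatever its path is in this package) and asserts `http.StatusNotFound` with no `Location` header. The env-override test that follows this hunk is also the natural place for a case asserting that `MARKETING_URL` populates `Server.MarketingURL` rather than being silently left empty. TestDefaultConfig begins outside the hunk.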