* fix(server): enhance CORS handling for local API network access
- Fix CORS preflight validation to use Host header for target validation
- Use Origin header correctly for CORS response headers
- Improve host validation to support both host:port and host-only formats
- Filter upstream CORS headers to prevent duplicate Access-Control-Allow-Origin
- Add CORS headers to all error responses for consistent behavior
- Fix host matching logic to handle trusted hosts with and without ports
- Ensure single Access-Control-Allow-Origin header per response
This resolves CORS preflight failures that were blocking cross-origin
requests to the local API server, enabling proper network access from
web applications and external tools.
Fixes: OPTIONS requests being rejected due to incorrect host validation
Resolves: "access control allow origin cannot contain more than one origin" error
* fix(proxy): bypass host and authorization checks for root path in CORS preflight
* fix(proxy): bypass host and authorization checks for whitelisted paths
* feat: integrate fuzzy search into model dropdown
- Replace DropdownMenu with Popover for better search UX
- Include search input with clear functionality
- Reorganize layout with capabilities at end of row
- Maintain provider grouping and model selection functionality
Improves model discovery and selection with instant search across
model names, providers, and capabilities.
* chore: enhance input search style
* feat: enhance model dropdown with search highlighting and fixed positioning
- Add FZF search highlighting with text-accent color for matched characters
- Fix dropdown to only appear below (prevent upward positioning)
- Import highlightFzfMatch utility for search result highlighting
- Update SearchableModel interface to include highlightedId property
- Modify FZF selector to target model.id for more accurate highlighting
- Use dangerouslySetInnerHTML to render highlighted search matches
- Add avoidCollisions=false to PopoverContent for consistent positioning
---------
Co-authored-by: Faisal Amir <urmauur@gmail.com>
* feat: Jan API Server should have API Key setting
* chore: reveal api key icon
* Update src-tauri/src/core/server.rs
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* chore: add validation apiKey
---------
Co-authored-by: Faisal Amir <urmauur@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* chore: hide some model capabilities
* chore: update model setting description
* chore: disable vision and embedding and add tooltip
---------
Co-authored-by: Louis <louis@jan.ai>
* fix: relocate jan data folder failed
* fix: avoid infinite recursion
* chore: kill background processes to unblock factory reset
* chore: stop models before reset factory
* chore: clean up
* chore: clean up
* fix: show error
* chore: get active models should not have retry
