Refactor configuration loading: Updated multiple public PHP files to require a new bootstrap file for configuration management. Adjusted paths for product configuration to enhance maintainability and consistency across the application.

public/contact-handler.php

@@ -9,8 +9,10 @@ if (session_status() === PHP_SESSION_NONE) {
     session_start();
 }
 
-// Konfiguration laden
-require_once 'config/mail-config.php';
+require_once __DIR__ . '/bootstrap.php';
+
+$configDir = defined('HEXAHOST_CONFIG_DIR') ? HEXAHOST_CONFIG_DIR : __DIR__ . '/config';
+require_once $configDir . '/mail-config.php';
 
 // PHPMailer Autoload (falls via Composer installiert)
 if (file_exists(__DIR__ . '/vendor/autoload.php')) {
@@ -43,13 +45,8 @@ function validateCSRFToken($token) {
     return false;
 }
 
-// CORS Headers für AJAX-Requests (nur eigene Domain erlauben)
-$allowed_origins = [
-    'https://hexahost.de',
-    'https://www.hexahost.de',
-    'http://localhost',  // Für Entwicklung
-    'http://127.0.0.1'   // Für Entwicklung
-];
+// CORS Headers für AJAX-Requests (nur eigene Domains erlauben)
+$allowed_origins = getAllowedOrigins();
 
 $origin = $_SERVER['HTTP_ORIGIN'] ?? '';
 if (in_array($origin, $allowed_origins)) {