saulteafarmer/castopod
1
0
Fork 0
mirror of https://code.castopod.org/adaures/castopod synced 2025-05-24 19:12:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(s3): allow CORS for served static files

Browse Source
This commit is contained in:
Yassine Doghri 2023-07-19 15:04:17 +00:00
parent d184998ed5
commit 9b955c9ce2
3 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Config/Filters.php
View File

@ -4,6 +4,7 @@ declare(strict_types=1);
namespace Config; namespace Config;
use App\Filters\AllowCorsFilter;
use CodeIgniter\Config\BaseConfig; use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Filters\CSRF; use CodeIgniter\Filters\CSRF;
use CodeIgniter\Filters\DebugToolbar; use CodeIgniter\Filters\DebugToolbar;
@ -12,7 +13,6 @@ use CodeIgniter\Filters\InvalidChars;
use CodeIgniter\Filters\SecureHeaders; use CodeIgniter\Filters\SecureHeaders;
use Modules\Api\Rest\V1\Filters\ApiFilter; use Modules\Api\Rest\V1\Filters\ApiFilter;
use Modules\Auth\Filters\PermissionFilter; use Modules\Auth\Filters\PermissionFilter;
use Modules\Fediverse\Filters\AllowCorsFilter;
use Modules\Fediverse\Filters\FediverseFilter; use Modules\Fediverse\Filters\FediverseFilter;
use Modules\PremiumPodcasts\Filters\PodcastUnlockFilter; use Modules\PremiumPodcasts\Filters\PodcastUnlockFilter;

10
modules/Fediverse/Filters/AllowCorsFilter.php → app/Filters/AllowCorsFilter.php
View File

@ -2,7 +2,7 @@
declare(strict_types=1); declare(strict_types=1);
namespace Modules\Fediverse\Filters; namespace App\Filters;
use CodeIgniter\Filters\FilterInterface; use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface; use CodeIgniter\HTTP\RequestInterface;
@ -17,11 +17,13 @@ class AllowCorsFilter implements FilterInterface
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void
{ {
if (! $response->hasHeader('Cache-Control')) {
$response->setHeader('Cache-Control', 'public, max-age=86400');
}
$response->setHeader('Access-Control-Allow-Origin', '*') // for allowing any domain, insecure $response->setHeader('Access-Control-Allow-Origin', '*') // for allowing any domain, insecure
->setHeader('Access-Control-Allow-Headers', '*') // for allowing any headers, insecure ->setHeader('Access-Control-Allow-Headers', '*') // for allowing any headers, insecure
->setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS') // allows GET and OPTIONS methods only ->setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS') // allows GET and OPTIONS methods only
->setHeader('Access-Control-Max-Age', '86400') ->setHeader('Access-Control-Max-Age', '86400');
->setHeader('Cache-Control', 'public, max-age=86400')
->setStatusCode(200);
} }
} }

1
modules/Media/Config/Routes.php
View File

@ -13,4 +13,5 @@ $routes = service('routes');
$routes->get('static/(:any)', 'MediaController::serve/$1', [ $routes->get('static/(:any)', 'MediaController::serve/$1', [
'as' => 'media-serve', 'as' => 'media-serve',
'namespace' => 'Modules\Media\Controllers', 'namespace' => 'Modules\Media\Controllers',
'filter' => 'allow-cors',
]); ]);