Skip to content
Snippets Groups Projects
Commit 9b955c9c authored by Yassine Doghri's avatar Yassine Doghri
Browse files

fix(s3): allow CORS for served static files

parent d184998e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
app/Config/Filters.php
+ 1
1
View file @ 9b955c9c
...@@ -4,6 +4,7 @@ declare(strict_types=1); ...@@ -4,6 +4,7 @@ declare(strict_types=1);
namespace Config; namespace Config;
use App\Filters\AllowCorsFilter;
use CodeIgniter\Config\BaseConfig; use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Filters\CSRF; use CodeIgniter\Filters\CSRF;
use CodeIgniter\Filters\DebugToolbar; use CodeIgniter\Filters\DebugToolbar;
...@@ -12,7 +13,6 @@ use CodeIgniter\Filters\InvalidChars; ...@@ -12,7 +13,6 @@ use CodeIgniter\Filters\InvalidChars;
use CodeIgniter\Filters\SecureHeaders; use CodeIgniter\Filters\SecureHeaders;
use Modules\Api\Rest\V1\Filters\ApiFilter; use Modules\Api\Rest\V1\Filters\ApiFilter;
use Modules\Auth\Filters\PermissionFilter; use Modules\Auth\Filters\PermissionFilter;
use Modules\Fediverse\Filters\AllowCorsFilter;
use Modules\Fediverse\Filters\FediverseFilter; use Modules\Fediverse\Filters\FediverseFilter;
use Modules\PremiumPodcasts\Filters\PodcastUnlockFilter; use Modules\PremiumPodcasts\Filters\PodcastUnlockFilter;
......
modules/Fediverse/Filters/AllowCorsFilter.php app/Filters/AllowCorsFilter.php
+ 6
4
View file @ 9b955c9c
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
declare(strict_types=1); declare(strict_types=1);
namespace Modules\Fediverse\Filters; namespace App\Filters;
use CodeIgniter\Filters\FilterInterface; use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface; use CodeIgniter\HTTP\RequestInterface;
...@@ -17,11 +17,13 @@ class AllowCorsFilter implements FilterInterface ...@@ -17,11 +17,13 @@ class AllowCorsFilter implements FilterInterface
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void
{ {
if (! $response->hasHeader('Cache-Control')) {
$response->setHeader('Cache-Control', 'public, max-age=86400');
}
$response->setHeader('Access-Control-Allow-Origin', '*') // for allowing any domain, insecure $response->setHeader('Access-Control-Allow-Origin', '*') // for allowing any domain, insecure
->setHeader('Access-Control-Allow-Headers', '*') // for allowing any headers, insecure ->setHeader('Access-Control-Allow-Headers', '*') // for allowing any headers, insecure
->setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS') // allows GET and OPTIONS methods only ->setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS') // allows GET and OPTIONS methods only
->setHeader('Access-Control-Max-Age', '86400') ->setHeader('Access-Control-Max-Age', '86400');
->setHeader('Cache-Control', 'public, max-age=86400')
->setStatusCode(200);
} }
} }
modules/Media/Config/Routes.php
+ 1
0
View file @ 9b955c9c
...@@ -13,4 +13,5 @@ $routes = service('routes'); ...@@ -13,4 +13,5 @@ $routes = service('routes');
$routes->get('static/(:any)', 'MediaController::serve/$1', [ $routes->get('static/(:any)', 'MediaController::serve/$1', [
'as' => 'media-serve', 'as' => 'media-serve',
'namespace' => 'Modules\Media\Controllers', 'namespace' => 'Modules\Media\Controllers',
'filter' => 'allow-cors',
]); ]);
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment