Fix CORS headers for proxied assets

This commit is contained in:
Omar Roth 2019-05-19 07:12:45 -05:00
parent 5730280325
commit f237fd9847
No known key found for this signature in database
GPG Key ID: B8254FB7EC3D37F2
1 changed files with 20 additions and 8 deletions

View File

@ -5063,13 +5063,16 @@ get "/videoplayback" do |env|
env.response.status_code = response.status_code env.response.status_code = response.status_code
response.headers.each do |key, value| response.headers.each do |key, value|
env.response.headers[key] = value if !{"Access-Control-Allow-Origin", "Alt-Svc"}.includes? key
env.response.headers[key] = value
end
end end
env.response.headers["Access-Control-Allow-Origin"] = "*"
if response.headers["Location"]? if response.headers["Location"]?
url = URI.parse(response.headers["Location"]) url = URI.parse(response.headers["Location"])
host = url.host host = url.host
env.response.headers["Access-Control-Allow-Origin"] = "*"
url = url.full_path url = url.full_path
url += "&host=#{host}" url += "&host=#{host}"
@ -5086,8 +5089,6 @@ get "/videoplayback" do |env|
env.response.headers["Content-Disposition"] = "attachment; filename=\"#{URI.escape(title)}\"; filename*=UTF-8''#{URI.escape(title)}" env.response.headers["Content-Disposition"] = "attachment; filename=\"#{URI.escape(title)}\"; filename*=UTF-8''#{URI.escape(title)}"
end end
env.response.headers["Access-Control-Allow-Origin"] = "*"
proxy_file(response, env) proxy_file(response, env)
end end
end end
@ -5109,15 +5110,18 @@ get "/ggpht/*" do |env|
end end
client.get(url, headers) do |response| client.get(url, headers) do |response|
env.response.status_code = response.status_code
response.headers.each do |key, value| response.headers.each do |key, value|
env.response.headers[key] = value if !{"Access-Control-Allow-Origin", "Alt-Svc"}.includes? key
env.response.headers[key] = value
end
end end
if response.status_code == 304 if response.status_code == 304
break break
end end
env.response.headers["Access-Control-Allow-Origin"] = "*"
proxy_file(response, env) proxy_file(response, env)
end end
end end
@ -5153,13 +5157,17 @@ get "/sb/:id/:storyboard/:index" do |env|
client.get(url, headers) do |response| client.get(url, headers) do |response|
env.response.status_code = response.status_code env.response.status_code = response.status_code
response.headers.each do |key, value| response.headers.each do |key, value|
env.response.headers[key] = value if !{"Access-Control-Allow-Origin", "Alt-Svc"}.includes? key
env.response.headers[key] = value
end
end end
if response.status_code >= 400 if response.status_code >= 400
break break
end end
env.response.headers["Access-Control-Allow-Origin"] = "*"
proxy_file(response, env) proxy_file(response, env)
end end
end end
@ -5191,13 +5199,17 @@ get "/vi/:id/:name" do |env|
client.get(url, headers) do |response| client.get(url, headers) do |response|
env.response.status_code = response.status_code env.response.status_code = response.status_code
response.headers.each do |key, value| response.headers.each do |key, value|
env.response.headers[key] = value if !{"Access-Control-Allow-Origin", "Alt-Svc"}.includes? key
env.response.headers[key] = value
end
end end
if response.status_code == 304 if response.status_code == 304
break break
end end
env.response.headers["Access-Control-Allow-Origin"] = "*"
proxy_file(response, env) proxy_file(response, env)
end end
end end