From ba15058e5ce42765e4088cbb44a397c87c00c722 Mon Sep 17 00:00:00 2001 From: Laura Hausmann Date: Thu, 2 May 2024 22:42:45 +0200 Subject: [PATCH] [backend/api] Allow CORS from all origins for FallbackController (ISH-301) --- Iceshrimp.Backend/Controllers/FallbackController.cs | 2 ++ Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs | 7 +++++++ 2 files changed, 9 insertions(+) diff --git a/Iceshrimp.Backend/Controllers/FallbackController.cs b/Iceshrimp.Backend/Controllers/FallbackController.cs index 84d90e69..b457cf15 100644 --- a/Iceshrimp.Backend/Controllers/FallbackController.cs +++ b/Iceshrimp.Backend/Controllers/FallbackController.cs @@ -2,6 +2,7 @@ using System.Net; using System.Net.Mime; using Iceshrimp.Shared.Schemas; using Iceshrimp.Backend.Core.Middleware; +using Microsoft.AspNetCore.Cors; using Microsoft.AspNetCore.Mvc; namespace Iceshrimp.Backend.Controllers; @@ -9,6 +10,7 @@ namespace Iceshrimp.Backend.Controllers; [Produces(MediaTypeNames.Application.Json)] public class FallbackController : ControllerBase { + [EnableCors("fallback")] [ProducesResponseType(StatusCodes.Status501NotImplemented, Type = typeof(ErrorResponse))] public IActionResult FallbackAction() { diff --git a/Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs b/Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs index 7ce31a9e..093b5775 100644 --- a/Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs +++ b/Iceshrimp.Backend/Core/Extensions/ServiceExtensions.cs @@ -262,6 +262,13 @@ public static class ServiceExtensions .WithHeaders("Authorization", "Content-Type", "Idempotency-Key") .WithExposedHeaders("Link", "Connection", "Sec-Websocket-Accept", "Upgrade"); }); + options.AddPolicy("fallback", policy => + { + policy.WithOrigins("*") + .WithMethods("GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "CONNECT") + .WithHeaders("Authorization", "Content-Type", "Idempotency-Key") + .WithExposedHeaders("Link", "Connection", "Sec-Websocket-Accept", "Upgrade"); + }); }); }