Allow CORS requests in /.well-known/* routes (#5717)

* Allow CORS requests in /.well-known/* routes

* Fix bug
This commit is contained in:
Acid Chicken (硫酸鶏) 2020-01-16 04:46:43 +09:00 committed by GitHub
parent 9703ba5340
commit ab1b0cc840
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -19,10 +19,25 @@ const XRD = (...x: { element: string, value?: string, attributes?: Record<string
typeof value === 'string' ? `>${escapeValue(value)}</${element}` : '/'
}>`).reduce((a, c) => a + c, '')}</XRD>`;
const allPath = '/.well-known/*';
const webFingerPath = '/.well-known/webfinger';
const jrd = 'application/jrd+json';
const xrd = 'application/xrd+xml';
router.use(allPath, async (ctx, next) => {
ctx.set({
'Access-Control-Allow-Headers': 'Accept',
'Access-Control-Allow-Methods': 'GET, OPTIONS',
'Access-Control-Allow-Origin': '*',
'Access-Control-Expose-Headers': 'Vary',
});
await next();
});
router.options(allPath, async ctx => {
ctx.status = 204;
});
router.get('/.well-known/host-meta', async ctx => {
ctx.set('Content-Type', xrd);
ctx.body = XRD({ element: 'Link', attributes: {
@ -123,7 +138,7 @@ router.get(webFingerPath, async ctx => {
});
// Return 404 for other .well-known
router.all('/.well-known/*', async ctx => {
router.all(allPath, async ctx => {
ctx.status = 404;
});