iv-org-mirror/invidious
1
0
Fork 0
mirror of https://gitea.invidious.io/iv-org/invidious.git synced 2024-08-15 00:53:41 +00:00
Code Issues Projects Releases Packages Wiki Activity

API: Add APIHandler back (#4431)

Browse source 
This handler should no have been removed in 4276, as it adds the required CORS
header (Access-Control-Allow-Origin) for public acces to the API.

Thanks to iBicha for noticing this!
This commit is contained in:
Samantaz Fox 2024-02-19 00:05:34 +01:00
commit e8a36985af
No known key found for this signature in database
GPG key ID: F42821059186176E
2 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/invidious.cr
View file

@ -217,6 +217,7 @@ public_folder "assets"
Kemal.config.powered_by_header = false Kemal.config.powered_by_header = false
add_handler FilteredCompressHandler.new add_handler FilteredCompressHandler.new
add_handler APIHandler.new
add_handler AuthHandler.new add_handler AuthHandler.new
add_handler DenyFrame.new add_handler DenyFrame.new
add_context_storage_type(Array(String)) add_context_storage_type(Array(String))

13
src/invidious/helpers/handlers.cr
View file

@ -134,6 +134,19 @@ class AuthHandler < Kemal::Handler
end end
end end
class APIHandler < Kemal::Handler
{% for method in %w(GET POST PUT HEAD DELETE PATCH OPTIONS) %}
only ["/api/v1/*"], {{method}}
{% end %}
exclude ["/api/v1/auth/notifications"], "GET"
exclude ["/api/v1/auth/notifications"], "POST"
def call(env)
env.response.headers["Access-Control-Allow-Origin"] = "*" if only_match?(env)
call_next env
end
end
class DenyFrame < Kemal::Handler class DenyFrame < Kemal::Handler
exclude ["/embed/*"] exclude ["/embed/*"]