mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-21 22:11:26 +00:00
Adjust CORS configuration to support API & OAuth Routes
Fixes #4411 and #3381
This commit is contained in:
parent
c96167f2f7
commit
1eadff9d2e
2 changed files with 8 additions and 5 deletions
|
@ -14,12 +14,12 @@ class Kernel extends HttpKernel
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $middleware = [
|
protected $middleware = [
|
||||||
|
\Illuminate\Http\Middleware\HandleCors::class,
|
||||||
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
|
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
|
||||||
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
|
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
|
||||||
|
\App\Http\Middleware\TrustProxies::class,
|
||||||
\App\Http\Middleware\TrimStrings::class,
|
\App\Http\Middleware\TrimStrings::class,
|
||||||
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
|
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
|
||||||
\App\Http\Middleware\TrustProxies::class,
|
|
||||||
\Illuminate\Http\Middleware\HandleCors::class,
|
|
||||||
];
|
];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -22,7 +22,9 @@ return [
|
||||||
* Example: ['api/*']
|
* Example: ['api/*']
|
||||||
*/
|
*/
|
||||||
'paths' => [
|
'paths' => [
|
||||||
'.well-known/*'
|
'.well-known/*',
|
||||||
|
'api/*',
|
||||||
|
'oauth/*'
|
||||||
],
|
],
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -48,7 +50,8 @@ return [
|
||||||
/*
|
/*
|
||||||
* Sets the Access-Control-Expose-Headers response header with these headers.
|
* Sets the Access-Control-Expose-Headers response header with these headers.
|
||||||
*/
|
*/
|
||||||
'exposed_headers' => [],
|
// TODO: Add support for rate-limit related headers
|
||||||
|
'exposed_headers' => ['Link'],
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Sets the Access-Control-Max-Age response header when > 0.
|
* Sets the Access-Control-Max-Age response header when > 0.
|
||||||
|
@ -59,4 +62,4 @@ return [
|
||||||
* Sets the Access-Control-Allow-Credentials header.
|
* Sets the Access-Control-Allow-Credentials header.
|
||||||
*/
|
*/
|
||||||
'supports_credentials' => false,
|
'supports_credentials' => false,
|
||||||
];
|
];
|
||||||
|
|
Loading…
Reference in a new issue