From 2ed4cf3b40caeb6181d068d411344e6732000f22 Mon Sep 17 00:00:00 2001 From: oSumAtrIX Date: Thu, 11 Jul 2024 03:50:48 +0200 Subject: [PATCH] fix: Configure CORS correctly --- configuration.example.toml | 7 +++++-- .../app/revanced/api/configuration/HTTP.kt | 10 ++++++---- .../repository/ConfigurationRepository.kt | 18 +++--------------- 3 files changed, 14 insertions(+), 21 deletions(-) diff --git a/configuration.example.toml b/configuration.example.toml index 47ff97e5..6ea94c03 100644 --- a/configuration.example.toml +++ b/configuration.example.toml @@ -10,5 +10,8 @@ contributors-repositories = [ "revanced-manager", ] api-version = 1 -cors = { host = "*.revanced.app", sub-domains = [] } -endpoint = "https://api.revanced.app" \ No newline at end of file +cors-allowed-hosts = [ + "revanced.app", + "*.revanced.app" +] +endpoint = "https://api.revanced.app" diff --git a/src/main/kotlin/app/revanced/api/configuration/HTTP.kt b/src/main/kotlin/app/revanced/api/configuration/HTTP.kt index 06c8a1fd..0e79530f 100644 --- a/src/main/kotlin/app/revanced/api/configuration/HTTP.kt +++ b/src/main/kotlin/app/revanced/api/configuration/HTTP.kt @@ -13,10 +13,12 @@ fun Application.configureHTTP() { val configurationRepository = get() install(CORS) { - allowHost( - host = configurationRepository.cors.host, - subDomains = configurationRepository.cors.subDomains, - ) + configurationRepository.corsAllowedHosts.forEach { host -> + allowHost( + host = host, + schemes = listOf("http", "https") + ) + } } install(RateLimit) { diff --git a/src/main/kotlin/app/revanced/api/configuration/repository/ConfigurationRepository.kt b/src/main/kotlin/app/revanced/api/configuration/repository/ConfigurationRepository.kt index aed455aa..752bccdb 100644 --- a/src/main/kotlin/app/revanced/api/configuration/repository/ConfigurationRepository.kt +++ b/src/main/kotlin/app/revanced/api/configuration/repository/ConfigurationRepository.kt @@ -19,7 +19,7 @@ import java.io.File * @property integrations The source of the integrations. * @property contributorsRepositoryNames The names of the repositories to get contributors from. * @property apiVersion The version to use for the API. - * @property cors The CORS configuration. + * @property corsAllowedHosts The hosts allowed to make requests to the API. * @property endpoint The endpoint of the API. */ @Serializable @@ -31,7 +31,8 @@ internal class ConfigurationRepository( val contributorsRepositoryNames: Set, @SerialName("api-version") val apiVersion: Int = 1, - val cors: Cors, + @SerialName("cors-allowed-hosts") + val corsAllowedHosts: Set, val endpoint: String, ) { /** @@ -61,19 +62,6 @@ internal class ConfigurationRepository( @SerialName("public-key-file") val publicKeyFile: File, ) - - /** - * The CORS configuration. - * - * @property host The host of the API to configure CORS. - * @property subDomains The subdomains to allow for CORS. - */ - @Serializable - internal class Cors( - val host: String, - @SerialName("sub-domains") - val subDomains: List, - ) } private object RegexSerializer : KSerializer {