From ef3ebb867d005a754bbeb6bc9abb4ed1bebc085f Mon Sep 17 00:00:00 2001
From: Kieran
Date: Sat, 4 Mar 2023 19:52:21 +0000
Subject: [PATCH] Add allow all CORS policy to download endpoints
---
 VoidCat/Controllers/DownloadController.cs | 3 +++
 VoidCat/VoidStartup.cs | 21 ++++++++++++++++-----
 2 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/VoidCat/Controllers/DownloadController.cs b/VoidCat/Controllers/DownloadController.cs
index 1b75044..9596f62 100644
--- a/VoidCat/Controllers/DownloadController.cs
+++ b/VoidCat/Controllers/DownloadController.cs
@@ -1,4 +1,5 @@
 using System.Net;
+using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.Mvc;
 using VoidCat.Model;
 using VoidCat.Model.Payments;
@@ -28,6 +29,7 @@ public class DownloadController : Controller
 [HttpOptions]
 [Route("{id}")]
+ [EnableCors("*")]
 public Task DownloadFileOptions([FromRoute] string id)
 {
 var gid = id.FromBase58Guid();
@@ -41,6 +43,7 @@ public class DownloadController : Controller
 [ResponseCache(Location = ResponseCacheLocation.Any, Duration = 86400)]
 [HttpGet]
 [Route("{id}")]
+ [EnableCors("*")]
 public async Task DownloadFile([FromRoute] string id)
 {
 var gid = id.FromBase58Guid();
diff --git a/VoidCat/VoidStartup.cs b/VoidCat/VoidStartup.cs
index c071560..ac2ed5e 100644
--- a/VoidCat/VoidStartup.cs
+++ b/VoidCat/VoidStartup.cs
@@ -78,6 +78,7 @@ public static class VoidStartup
 {
 o.LoggingFields = HttpLoggingFields.RequestPropertiesAndHeaders | HttpLoggingFields.ResponsePropertiesAndHeaders;
+ o.RequestBodyLogLimit = 4096;
 o.ResponseBodyLogLimit = 4096;
@@ -89,6 +90,7 @@ public static class VoidStartup
 o.RequestHeaders.Add(h);
 }
 });
+ services.AddHttpClient();
 services.AddSwaggerGen(c =>
 {
@@ -99,6 +101,7 @@ public static class VoidStartup
 Name = "Authorization",
 Type = SecuritySchemeType.ApiKey
 });
+ c.AddSecurityRequirement(new OpenApiSecurityRequirement
 {
 {
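Review bot: The policy is selected by the bare string `"*"` in both `[EnableCors("*")]` attributes (on `DownloadFileOptions` in this hunk and on `DownloadFile` in the next one), so a later rename or typo at any of the three sites would not be caught at build time and the endpoint would probably just stop emitting CORS headers. A shared constant such as `public const string AllowAnyOrigin = "*";`, used by both attributes and by `AddPolicy`, would keep them in step. A comment above each attribute would also help, e.g. `// Public file download: served to any origin, without credentials; do not copy this attribute to authenticated endpoints.` Both method bodies continue outside the hunks, so whether the download path ever relies on ambient credentials or per-user payment state cannot be confirmed from here.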
@@ -113,9 +116,11 @@ public static class VoidStartup
 new string[] { } } });
+ var path = Path.Combine(AppContext.BaseDirectory, $"{Assembly.GetExecutingAssembly().GetName().Name}.xml");
 c.IncludeXmlComments(path);
 });
+ services.AddCors(opt =>
 {
 opt.AddDefaultPolicy(p =>
@@ -125,11 +130,20 @@ public static class VoidStartup
 .AllowCredentials()
 .WithOrigins(voidSettings.CorsOrigins.Select(a => a.OriginalString).ToArray());
 });
+
+ opt.AddPolicy("*", p =>
+ {
+ p.AllowAnyMethod()
+ .AllowAnyHeader()
+ .AllowAnyOrigin();
+ });
 });
+ services.AddRazorPages();
 services.AddRouting();
 services.AddControllers() .AddNewtonsoftJson((opt) => { ConfigJsonSettings(opt.SerializerSettings); });
+ services.AddHealthChecks();
 services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
@@ -146,10 +160,7 @@ public static class VoidStartup
 };
 });
- services.AddAuthorization((opt) =>
- {
- opt.AddPolicy(Policies.RequireAdmin, (auth) => { auth.RequireRole(Roles.Admin); });
- });
+ services.AddAuthorization((opt) => { opt.AddPolicy(Policies.RequireAdmin, (auth) => { auth.RequireRole(Roles.Admin); }); });
 services.AddTransient();
 services.AddAnalytics(voidSettings);
@@ -185,4 +196,4 @@ public static class VoidStartup
 s.MissingMemberHandling = MissingMemberHandling.Ignore;
 return s;
 }
-}
\ No newline at end of file
+}
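Review bot: The new `"*"` policy in the `AddCors` hunk pairs `AllowAnyOrigin()` with `AllowAnyMethod()` and `AllowAnyHeader()`, which is wider than the two download actions it is attached to (GET and OPTIONS) need. Narrowing it to `p.WithMethods("GET", "HEAD", "OPTIONS").AllowAnyHeader().AllowAnyOrigin();` would limit the damage if the policy is later attached to a state-changing endpoint by mistake. A comment above it, e.g. `// Credential-less policy for public downloads only; never add AllowCredentials() here or apply it to authenticated API routes.`, would record the contrast with the default policy, which does call `AllowCredentials()` for `voidSettings.CorsOrigins`. If cross-origin clients must read response headers beyond the CORS-safelisted ones, `WithExposedHeaders(...)` would also be needed; the hunk does not show whether that applies.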