Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add CORS headers to dynamic pages #1

Merged
merged 26 commits into from
Apr 14, 2023
Merged

Add CORS headers to dynamic pages #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
e199fe0
Add CORS headers to dynamic pages
cassidoo Apr 11, 2023
f273936
Move headers to Astro config file
cassidoo Apr 12, 2023
f96cfc2
Add headers to Netlify TOML
cassidoo Apr 12, 2023
d17bf84
Fix typo because I am the worst
cassidoo Apr 12, 2023
e0dbfc8
Make all URLs accept headers
cassidoo Apr 12, 2023
a9ded22
Add a cache control header to the /share/ route
cassidoo Apr 12, 2023
ea3981f
Update Astro packages and server headers
cassidoo Apr 12, 2023
5b32f32
Add edge function for modifying headers
cassidoo Apr 13, 2023
fdd734c
Add allow methods to edge function
cassidoo Apr 13, 2023
3992328
Force response to be a 200
cassidoo Apr 13, 2023
a5e6463
Remove manual status setting, log response
cassidoo Apr 13, 2023
1b2cc0e
Change how response is returned
cassidoo Apr 13, 2023
1a60381
Actually name the header correctly
cassidoo Apr 13, 2023
61beb18
Add custom headers to access control
cassidoo Apr 13, 2023
6b67691
Move response headers out of object
cassidoo Apr 13, 2023
6534777
Try redirect proxy
cassidoo Apr 13, 2023
bfb5434
Add condition for options preflight
cassidoo Apr 14, 2023
7a1e186
Add decode URI component to markdown passed in
cassidoo Apr 14, 2023
8c2202b
Remove debugging prints
cassidoo Apr 14, 2023
8a888ee
Remove unused headers settings, remove comments
cassidoo Apr 14, 2023
2a7a1c9
Update Astro
cassidoo Apr 14, 2023
6b872c6
Merge branch 'main' into cw/headers
cassidoo Apr 14, 2023
5950f79
Add allowed domains
cassidoo Apr 14, 2023
2f079fb
Change allowed URLs to regex
cassidoo Apr 14, 2023
48578a7
Comment out URL crap until later
cassidoo Apr 14, 2023
06789b8
Add more checking of the markdown for empty content
cassidoo Apr 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions netlify.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[[edge_functions]]
path = "/*"
function = "headers"
34 changes: 34 additions & 0 deletions netlify/edge-functions/headers.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
export default async (request, context) => {
const response = await context.next();

if (request.method === "OPTIONS") {
return new Response("ok", {
headers: {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Headers": "Content-Type, markdown",
"X-Your-Custom-Header": "A custom value for testing"
}
});
}

// TODO: only allow requests from our own domains
// let url = new URL(request.url);

// let allowedUrlsRegex =
// /^(https?:\/\/)?(localhost(:\d+)?|([a-zA-Z0-9-]+\.)?contenda\.co|(contenda(-test)?-platty-plat)\.netlify\.app)(\/.*)?$/;

// if (url && allowedUrlsRegex.test(url)) {
// response.headers.set("Access-Control-Allow-Origin", origin);
// }

response.headers.set("Access-Control-Allow-Origin", "*");

response.headers.set(
"Access-Control-Allow-Headers",
"Content-Type, markdown"
);
response.headers.set("Cache-Control", "public, max-age=2592000, immutable");
response.headers.set("X-Your-Custom-Header", "A custom value for testing");

return response;
};
Loading