Convert to ICorsPolicyProvider
This commit is contained in:
parent
8a08111adc
commit
2c05d53b06
|
@ -16,12 +16,13 @@ using Jellyfin.Api.Auth.RequiresElevationPolicy;
|
|||
using Jellyfin.Api.Constants;
|
||||
using Jellyfin.Api.Controllers;
|
||||
using Jellyfin.Server.Formatters;
|
||||
using Jellyfin.Server.Models;
|
||||
using Jellyfin.Server.Middleware;
|
||||
using MediaBrowser.Common.Json;
|
||||
using MediaBrowser.Model.Entities;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.AspNetCore.Cors.Infrastructure;
|
||||
using Microsoft.AspNetCore.HttpOverrides;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.OpenApi.Models;
|
||||
|
@ -134,18 +135,15 @@ namespace Jellyfin.Server.Extensions
|
|||
/// </summary>
|
||||
/// <param name="serviceCollection">The service collection.</param>
|
||||
/// <param name="pluginAssemblies">An IEnumerable containing all plugin assemblies with API controllers.</param>
|
||||
/// /// <param name="corsHosts">The configured cors hosts.</param>
|
||||
/// ///
|
||||
/// <returns>The MVC builder.</returns>
|
||||
public static IMvcBuilder AddJellyfinApi(
|
||||
this IServiceCollection serviceCollection,
|
||||
IEnumerable<Assembly> pluginAssemblies,
|
||||
string[] corsHosts)
|
||||
IEnumerable<Assembly> pluginAssemblies)
|
||||
{
|
||||
IMvcBuilder mvcBuilder = serviceCollection
|
||||
.AddCors(options =>
|
||||
{
|
||||
options.AddPolicy(ServerCorsPolicy.DefaultPolicyName, new ServerCorsPolicy(corsHosts).Policy);
|
||||
})
|
||||
.AddCors()
|
||||
.AddTransient<ICorsPolicyProvider, CorsPolicyProvider>()
|
||||
.Configure<ForwardedHeadersOptions>(options =>
|
||||
{
|
||||
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
|
||||
|
|
|
@ -1,7 +1,49 @@
|
|||
namespace Jellyfin.Server.Middleware
|
||||
{
|
||||
public class CorsPolicyProvider
|
||||
{
|
||||
using System;
|
||||
using System.Threading.Tasks;
|
||||
using MediaBrowser.Controller.Configuration;
|
||||
using Microsoft.AspNetCore.Cors.Infrastructure;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
|
||||
namespace Jellyfin.Server.Middleware
|
||||
{
|
||||
/// <summary>
|
||||
/// Cors policy provider.
|
||||
/// </summary>
|
||||
public class CorsPolicyProvider : ICorsPolicyProvider
|
||||
{
|
||||
private readonly IServerConfigurationManager _serverConfigurationManager;
|
||||
|
||||
/// <summary>
|
||||
/// Initializes a new instance of the <see cref="CorsPolicyProvider"/> class.
|
||||
/// </summary>
|
||||
/// <param name="serverConfigurationManager">Instance of the <see cref="IServerConfigurationManager"/> interface.</param>
|
||||
public CorsPolicyProvider(IServerConfigurationManager serverConfigurationManager)
|
||||
{
|
||||
_serverConfigurationManager = serverConfigurationManager;
|
||||
}
|
||||
|
||||
/// <inheritdoc />
|
||||
public Task<CorsPolicy> GetPolicyAsync(HttpContext context, string policyName)
|
||||
{
|
||||
var corsHosts = _serverConfigurationManager.Configuration.CorsHosts;
|
||||
var builder = new CorsPolicyBuilder()
|
||||
.AllowAnyMethod()
|
||||
.AllowAnyHeader();
|
||||
|
||||
// No hosts configured or only default configured.
|
||||
if (corsHosts.Length == 0
|
||||
|| (corsHosts.Length == 1
|
||||
&& string.Equals(corsHosts[0], CorsConstants.AnyOrigin, StringComparison.Ordinal)))
|
||||
{
|
||||
builder.AllowAnyOrigin();
|
||||
}
|
||||
else
|
||||
{
|
||||
builder.WithOrigins(corsHosts)
|
||||
.AllowCredentials();
|
||||
}
|
||||
|
||||
return Task.FromResult(builder.Build());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,47 +0,0 @@
|
|||
using System;
|
||||
using Microsoft.AspNetCore.Cors.Infrastructure;
|
||||
|
||||
namespace Jellyfin.Server.Models
|
||||
{
|
||||
/// <summary>
|
||||
/// Server Cors Policy.
|
||||
/// </summary>
|
||||
public class ServerCorsPolicy
|
||||
{
|
||||
/// <summary>
|
||||
/// Default policy name.
|
||||
/// </summary>
|
||||
public const string DefaultPolicyName = nameof(ServerCorsPolicy);
|
||||
|
||||
/// <summary>
|
||||
/// Initializes a new instance of the <see cref="ServerCorsPolicy"/> class.
|
||||
/// </summary>
|
||||
/// <param name="corsHosts">The configured cors hosts.</param>
|
||||
public ServerCorsPolicy(string[] corsHosts)
|
||||
{
|
||||
var builder = new CorsPolicyBuilder()
|
||||
.AllowAnyMethod()
|
||||
.AllowAnyHeader();
|
||||
|
||||
// No hosts configured or only default configured.
|
||||
if (corsHosts.Length == 0
|
||||
|| (corsHosts.Length == 1
|
||||
&& string.Equals(corsHosts[0], "*", StringComparison.Ordinal)))
|
||||
{
|
||||
builder.AllowAnyOrigin();
|
||||
}
|
||||
else
|
||||
{
|
||||
builder.WithOrigins(corsHosts)
|
||||
.AllowCredentials();
|
||||
}
|
||||
|
||||
Policy = builder.Build();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Gets the cors policy.
|
||||
/// </summary>
|
||||
public CorsPolicy Policy { get; }
|
||||
}
|
||||
}
|
|
@ -5,7 +5,6 @@ using Jellyfin.Api.TypeConverters;
|
|||
using Jellyfin.Server.Extensions;
|
||||
using Jellyfin.Server.Implementations;
|
||||
using Jellyfin.Server.Middleware;
|
||||
using Jellyfin.Server.Models;
|
||||
using MediaBrowser.Common.Net;
|
||||
using MediaBrowser.Controller;
|
||||
using MediaBrowser.Controller.Configuration;
|
||||
|
@ -53,9 +52,7 @@ namespace Jellyfin.Server
|
|||
{
|
||||
options.HttpsPort = _serverApplicationHost.HttpsPort;
|
||||
});
|
||||
services.AddJellyfinApi(
|
||||
_serverApplicationHost.GetApiPluginAssemblies(),
|
||||
_serverConfigurationManager.Configuration.CorsHosts);
|
||||
services.AddJellyfinApi(_serverApplicationHost.GetApiPluginAssemblies());
|
||||
|
||||
services.AddJellyfinApiSwagger();
|
||||
|
||||
|
@ -118,7 +115,7 @@ namespace Jellyfin.Server
|
|||
|
||||
mainApp.UseResponseCompression();
|
||||
|
||||
mainApp.UseCors(ServerCorsPolicy.DefaultPolicyName);
|
||||
mainApp.UseCors();
|
||||
|
||||
if (_serverConfigurationManager.Configuration.RequireHttps
|
||||
&& _serverApplicationHost.ListenWithHttps)
|
||||
|
|
Loading…
Reference in New Issue
Block a user