michael.heier/jellyfin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove custom CORS OPTIONS handling

Browse Source
This commit is contained in:
Claus Vium 2020-09-03 14:05:16 +02:00
parent 2f79c3095b
commit 993c46f98d
3 changed files with 2 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Jellyfin.Server/Extensions/ApiApplicationBuilderExtensions.cs
View File

@ -68,16 +68,6 @@ namespace Jellyfin.Server.Extensions
return appBuilder.UseMiddleware<LanFilteringMiddleware>();
}
/// <summary>
/// Adds CORS OPTIONS request handling to the application pipeline.
/// </summary>
/// <param name="appBuilder">The application builder.</param>
/// <returns>The updated application builder.</returns>
public static IApplicationBuilder UseCorsOptionsResponse(this IApplicationBuilder appBuilder)
{
return appBuilder.UseMiddleware<CorsOptionsResponseMiddleware>();
}
/// <summary>
/// Adds base url redirection to the application pipeline.
/// </summary>

69
Jellyfin.Server/Middleware/CorsOptionsResponseMiddleware.cs
View File

@ -1,69 +0,0 @@
using System;
using System.Collections.Generic;
using System.Net.Mime;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Primitives;
namespace Jellyfin.Server.Middleware
{
/// <summary>
/// Middleware for handling OPTIONS requests.
/// </summary>
public class CorsOptionsResponseMiddleware
{
private readonly RequestDelegate _next;
/// <summary>
/// Initializes a new instance of the <see cref="CorsOptionsResponseMiddleware"/> class.
/// </summary>
/// <param name="next">The next delegate in the pipeline.</param>
public CorsOptionsResponseMiddleware(RequestDelegate next)
{
_next = next;
}
/// <summary>
/// Executes the middleware action.
/// </summary>
/// <param name="httpContext">The current HTTP context.</param>
/// <returns>The async task.</returns>
public async Task Invoke(HttpContext httpContext)
{
if (string.Equals(httpContext.Request.Method, HttpMethods.Options, StringComparison.OrdinalIgnoreCase))
{
httpContext.Response.StatusCode = 200;
foreach (var (key, value) in GetDefaultCorsHeaders(httpContext))
{
httpContext.Response.Headers.Add(key, value);
}
httpContext.Response.ContentType = MediaTypeNames.Text.Plain;
await httpContext.Response.WriteAsync(string.Empty, httpContext.RequestAborted).ConfigureAwait(false);
return;
}
await _next(httpContext).ConfigureAwait(false);
}
private static IDictionary<string, string> GetDefaultCorsHeaders(HttpContext httpContext)
{
var origin = httpContext.Request.Headers["Origin"];
if (origin == StringValues.Empty)
{
origin = httpContext.Request.Headers["Host"];
if (origin == StringValues.Empty)
{
origin = "*";
}
}
var headers = new Dictionary<string, string>();
headers.Add("Access-Control-Allow-Origin", origin);
headers.Add("Access-Control-Allow-Credentials", "true");
headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, PATCH, OPTIONS");
headers.Add("Access-Control-Allow-Headers", "Content-Type, Authorization, Range, X-MediaBrowser-Token, X-Emby-Authorization, Cookie");
return headers;
}
}
}

4
Jellyfin.Server/Startup.cs
View File

@ -101,6 +101,8 @@ namespace Jellyfin.Server
app.UseResponseCompression();
app.UseCors(ServerCorsPolicy.DefaultPolicyName);
if (_serverConfigurationManager.Configuration.RequireHttps
&& _serverApplicationHost.ListenWithHttps)
{
@ -110,7 +112,6 @@ namespace Jellyfin.Server
app.UseAuthentication();
app.UseJellyfinApiSwagger(_serverConfigurationManager);
app.UseRouting();
app.UseCors(ServerCorsPolicy.DefaultPolicyName);
app.UseAuthorization();
if (_serverConfigurationManager.Configuration.EnableMetrics)
{
@ -120,7 +121,6 @@ namespace Jellyfin.Server
app.UseLanFiltering();
app.UseIpBasedAccessValidation();
app.UseCorsOptionsResponse();
app.UseBaseUrlRedirection();
app.UseWebSocketHandler();
app.UseServerStartupMessage();