diff options
| author | Anthony Lavado <anthony@lavado.ca> | 2020-09-07 19:41:45 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-09-07 19:41:45 -0400 |
| commit | d08ddbb8d29d3b7595c4309ad30a9ab5a0767bb1 (patch) | |
| tree | bdb52224d416050ef0546957663d84f3c6a4531c /Jellyfin.Server/Configuration/CorsPolicyProvider.cs | |
| parent | f43f72e6ce903fb60971575f6d19866d287f6317 (diff) | |
| parent | 342de39d78431503a0429b76e0ba9d3501b746db (diff) | |
Merge pull request #4013 from crobibero/dynamic-cors
Allow CORS domains to be configured
Diffstat (limited to 'Jellyfin.Server/Configuration/CorsPolicyProvider.cs')
| -rw-r--r-- | Jellyfin.Server/Configuration/CorsPolicyProvider.cs | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/Jellyfin.Server/Configuration/CorsPolicyProvider.cs b/Jellyfin.Server/Configuration/CorsPolicyProvider.cs new file mode 100644 index 000000000..0d04b6bb1 --- /dev/null +++ b/Jellyfin.Server/Configuration/CorsPolicyProvider.cs @@ -0,0 +1,49 @@ +using System; +using System.Threading.Tasks; +using MediaBrowser.Controller.Configuration; +using Microsoft.AspNetCore.Cors.Infrastructure; +using Microsoft.AspNetCore.Http; + +namespace Jellyfin.Server.Configuration +{ + /// <summary> + /// Cors policy provider. + /// </summary> + public class CorsPolicyProvider : ICorsPolicyProvider + { + private readonly IServerConfigurationManager _serverConfigurationManager; + + /// <summary> + /// Initializes a new instance of the <see cref="CorsPolicyProvider"/> class. + /// </summary> + /// <param name="serverConfigurationManager">Instance of the <see cref="IServerConfigurationManager"/> interface.</param> + public CorsPolicyProvider(IServerConfigurationManager serverConfigurationManager) + { + _serverConfigurationManager = serverConfigurationManager; + } + + /// <inheritdoc /> + public Task<CorsPolicy> GetPolicyAsync(HttpContext context, string policyName) + { + var corsHosts = _serverConfigurationManager.Configuration.CorsHosts; + var builder = new CorsPolicyBuilder() + .AllowAnyMethod() + .AllowAnyHeader(); + + // No hosts configured or only default configured. + if (corsHosts.Length == 0 + || (corsHosts.Length == 1 + && string.Equals(corsHosts[0], CorsConstants.AnyOrigin, StringComparison.Ordinal))) + { + builder.AllowAnyOrigin(); + } + else + { + builder.WithOrigins(corsHosts) + .AllowCredentials(); + } + + return Task.FromResult(builder.Build()); + } + } +} |