TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-28 21:33:24 +03:00
Code Issues Projects Releases Wiki Activity

Corrected image CORS (#17119)

Browse Source 
refs
018f97e679
This commit is contained in:
Simon Backx 2023-06-23 14:33:00 +02:00 committed by GitHub
parent 9085ae1266
commit 78405a9cb8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 43 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ghost/core/core/frontend/web/middleware/handle-image-sizes.js
View File

@ -13,6 +13,9 @@ const FORMAT_PATH_REGEX = /^\/format\/([^./]+)\//;
const TRAILING_SLASH_REGEX = /\/+$/;
module.exports = function (req, res, next) {
// In admin we need to read images and calculate the average color (blocked by CORS otherwise)
res.setHeader('Access-Control-Allow-Origin', '*');
if (!SIZE_PATH_REGEX.test(req.url)) {
return next();
}

2
ghost/core/core/frontend/web/middleware/serve-public-file.js
View File

@ -46,8 +46,6 @@ function createPublicFileMiddleware(location, file, mime, maxAge) {
// send image files directly and let express handle content-length, etag, etc
if (mime.match(/^image/)) {
// In admin we need to read images and calculate the average color (blocked by CORS otherwise)
res.setHeader('Access-Control-Allow-Origin', '*');
return res.sendFile(filePath, (err) => {
if (err && err.status === 404) {
// ensure we're triggering basic asset 404 and not a templated 404

58
ghost/core/test/unit/frontend/web/middleware/handle-image-sizes.test.js
View File

@ -5,6 +5,10 @@ const activeTheme = require('../../../../../core/frontend/services/theme-engine/
const handleImageSizes = require('../../../../../core/frontend/web/middleware/handle-image-sizes.js');
const imageTransform = require('@tryghost/image-transform');
const fakeResBase = {
setHeader() {}
};
// @TODO make these tests lovely and non specific to implementation
describe('handleImageSizes middleware', function () {
this.afterEach(function () {
@ -19,7 +23,7 @@ describe('handleImageSizes middleware', function () {
fakeReq.url.match = function () {
throw new Error('Should have exited immediately');
};
handleImageSizes(fakeReq, {}, function next() {
handleImageSizes(fakeReq, fakeResBase, function next() {
done();
});
});
@ -32,7 +36,7 @@ describe('handleImageSizes middleware', function () {
fakeReq.url.match = function () {
throw new Error('Should have exited immediately');
};
handleImageSizes(fakeReq, {}, function next() {
handleImageSizes(fakeReq, fakeResBase, function next() {
done();
});
});
@ -45,7 +49,7 @@ describe('handleImageSizes middleware', function () {
fakeReq.url.match = function () {
throw new Error('Should have exited immediately');
};
handleImageSizes(fakeReq, {}, function next() {
handleImageSizes(fakeReq, fakeResBase, function next() {
done();
});
});
@ -58,7 +62,7 @@ describe('handleImageSizes middleware', function () {
fakeReq.url.match = function () {
throw new Error('Should have exited immediately');
};
handleImageSizes(fakeReq, {}, function next() {
handleImageSizes(fakeReq, fakeResBase, function next() {
done();
});
});
@ -71,7 +75,7 @@ describe('handleImageSizes middleware', function () {
fakeReq.url.match = function () {
throw new Error('Should have exited immediately');
};
handleImageSizes(fakeReq, {}, function next() {
handleImageSizes(fakeReq, fakeResBase, function next() {
done();
});
});
@ -139,7 +143,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
if (err) {
@ -162,7 +167,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
if (err) {
@ -185,7 +191,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
if (err) {
@ -220,7 +227,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -246,7 +254,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -272,7 +281,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -297,7 +307,8 @@ describe('handleImageSizes middleware', function () {
const fakeRes = {
redirect() {
done(new Error('Should not have called redirect'));
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -323,7 +334,8 @@ describe('handleImageSizes middleware', function () {
const fakeRes = {
redirect() {
done(new Error('Should not have called redirect'));
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -355,7 +367,8 @@ describe('handleImageSizes middleware', function () {
redirect() {
done(new Error('Should not have called redirect'));
},
type: function () {}
type: function () {},
setHeader() {}
};
const typeStub = sinon.spy(fakeRes, 'type');
@ -390,7 +403,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -418,7 +432,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -446,7 +461,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -474,7 +490,8 @@ describe('handleImageSizes middleware', function () {
return done(e);
}
done();
}
},
setHeader() {}
};
handleImageSizes(fakeReq, fakeRes, function next(err) {
@ -498,6 +515,7 @@ describe('handleImageSizes middleware', function () {
redirect() {
done(new Error('Should not have called redirect'));
},
setHeader() {},
type: function () {}
};
const typeStub = sinon.spy(fakeRes, 'type');
@ -532,6 +550,7 @@ describe('handleImageSizes middleware', function () {
redirect() {
done(new Error('Should not have called redirect'));
},
setHeader() {},
type: function () {}
};
const typeStub = sinon.spy(fakeRes, 'type');
@ -566,6 +585,7 @@ describe('handleImageSizes middleware', function () {
redirect() {
done(new Error('Should not have called redirect'));
},
setHeader() {},
type: function () {}
};
const typeStub = sinon.spy(fakeRes, 'type');
@ -600,6 +620,7 @@ describe('handleImageSizes middleware', function () {
redirect() {
done(new Error('Should not have called redirect'));
},
setHeader() {},
type: function () {}
};
const typeStub = sinon.spy(fakeRes, 'type');
@ -634,6 +655,7 @@ describe('handleImageSizes middleware', function () {
redirect() {
done(new Error('Should not have called redirect'));
},
setHeader() {},
type: function () {}
};
const typeStub = sinon.spy(fakeRes, 'type');