diff --git a/app/Config/Filters.php b/app/Config/Filters.php index a838f4de..9481194e 100644 --- a/app/Config/Filters.php +++ b/app/Config/Filters.php @@ -11,6 +11,7 @@ use CodeIgniter\Filters\Honeypot; use CodeIgniter\Filters\InvalidChars; use CodeIgniter\Filters\SecureHeaders; use Modules\Auth\Filters\PermissionFilter; +use Modules\Fediverse\Filters\AllowCorsFilter; use Modules\Fediverse\Filters\FediverseFilter; use Myth\Auth\Filters\LoginFilter; use Myth\Auth\Filters\RoleFilter; @@ -31,7 +32,8 @@ class Filters extends BaseConfig 'login' => LoginFilter::class, 'role' => RoleFilter::class, 'permission' => PermissionFilter::class, - 'activity-pub' => FediverseFilter::class, + 'fediverse' => FediverseFilter::class, + 'allow-cors' => AllowCorsFilter::class, ]; /** diff --git a/app/Config/Routes.php b/app/Config/Routes.php index 2ad119d6..1432ceda 100644 --- a/app/Config/Routes.php +++ b/app/Config/Routes.php @@ -90,6 +90,7 @@ $routes->group('@(:podcastHandle)', function ($routes): void { 'controller-method' => 'ActorController/$1', ], ], + 'filter' => 'allow-cors', ]); $routes->get('about', 'PodcastController::about/$1', [ 'as' => 'podcast-about', @@ -108,6 +109,7 @@ $routes->group('@(:podcastHandle)', function ($routes): void { 'controller-method' => 'PodcastController::episodeCollection/$1', ], ], + 'filter' => 'allow-cors', ]); $routes->group('episodes/(:slug)', function ($routes): void { $routes->options('/', 'ActivityPubController::preflight'); @@ -124,6 +126,7 @@ $routes->group('@(:podcastHandle)', function ($routes): void { 'controller-method' => 'EpisodeController::episodeObject/$1/$2', ], ], + 'filter' => 'allow-cors', ]); $routes->get('activity', 'EpisodeController::activity/$1/$2', [ 'as' => 'episode-activity', @@ -140,7 +143,9 @@ $routes->group('@(:podcastHandle)', function ($routes): void { 'application/ld+json; profile="https://www.w3.org/ns/activitystreams' => [ 'controller-method' => 'EpisodeController::comments/$1/$2', ], + 'filter' => 'allow-cors', ]); + $routes->options('comments/(:uuid)', 'ActivityPubController::preflight'); $routes->get('comments/(:uuid)', 'EpisodeCommentController::view/$1/$2/$3', [ 'as' => 'episode-comment', 'application/activity+json' => [ @@ -152,6 +157,7 @@ $routes->group('@(:podcastHandle)', function ($routes): void { 'application/ld+json; profile="https://www.w3.org/ns/activitystreams' => [ 'controller-method' => 'EpisodeController::commentObject/$1/$2', ], + 'filter' => 'allow-cors', ]); $routes->get('comments/(:uuid)/replies', 'EpisodeCommentController::replies/$1/$2/$3', [ 'as' => 'episode-comment-replies', @@ -221,6 +227,7 @@ $routes->group('@(:podcastHandle)', function ($routes): void { 'controller-method' => 'PostController/$2', ], ], + 'filter' => 'allow-cors', ]); $routes->options('replies', 'ActivityPubController::preflight'); $routes->get('replies', 'PostController/$1/$2', [ @@ -235,6 +242,7 @@ $routes->group('@(:podcastHandle)', function ($routes): void { 'controller-method' => 'PostController::replies/$2', ], ], + 'filter' => 'allow-cors', ]); // Actions @@ -278,7 +286,7 @@ $routes->group('@(:podcastHandle)', function ($routes): void { ]); $routes->get('outbox', 'ActorController::outbox/$1', [ 'as' => 'outbox', - 'filter' => 'activity-pub:verify-activitystream', + 'filter' => 'fediverse:verify-activitystream', ]); }); diff --git a/app/Controllers/ActivityPubController.php b/app/Controllers/ActivityPubController.php index f46b8e77..a735e886 100644 --- a/app/Controllers/ActivityPubController.php +++ b/app/Controllers/ActivityPubController.php @@ -10,21 +10,8 @@ declare(strict_types=1); namespace App\Controllers; -use CodeIgniter\Controller; -use CodeIgniter\HTTP\Response; +use Modules\Fediverse\Controllers\ActivityPubController as FediverseActivityPubController; -class ActivityPubController extends Controller +class ActivityPubController extends FediverseActivityPubController { - /** - * @noRector ReturnTypeDeclarationRector - */ - public function preflight(): Response - { - return $this->response->setHeader('Access-Control-Allow-Origin', '*') // for allowing any domain, insecure - ->setHeader('Access-Control-Allow-Headers', '*') // for allowing any headers, insecure - ->setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS') // allows GET and OPTIONS methods only - ->setHeader('Access-Control-Max-Age', '86400') - ->setHeader('Cache-Control', 'public, max-age=86400') - ->setStatusCode(200); - } } diff --git a/modules/Fediverse/Config/Routes.php b/modules/Fediverse/Config/Routes.php index c3bf55bc..33d70220 100644 --- a/modules/Fediverse/Config/Routes.php +++ b/modules/Fediverse/Config/Routes.php @@ -43,15 +43,15 @@ $routes->group('', [ $routes->post('inbox', 'ActorController::inbox/$1', [ 'as' => 'inbox', 'filter' => - 'activity-pub:verify-activitystream,verify-blocks,verify-signature', + 'fediverse:verify-activitystream,verify-blocks,verify-signature', ]); $routes->get('outbox', 'ActorController::outbox/$1', [ 'as' => 'outbox', - 'filter' => 'activity-pub:verify-activitystream', + 'filter' => 'fediverse:verify-activitystream', ]); $routes->get('followers', 'ActorController::followers/$1', [ 'as' => 'followers', - 'filter' => 'activity-pub::activity-stream', + 'filter' => 'fediverse::activity-stream', ]); $routes->post('follow', 'ActorController::attemptFollow/$1', [ 'as' => 'attempt-follow', diff --git a/modules/Fediverse/Controllers/ActivityPubController.php b/modules/Fediverse/Controllers/ActivityPubController.php new file mode 100644 index 00000000..fe94c9a1 --- /dev/null +++ b/modules/Fediverse/Controllers/ActivityPubController.php @@ -0,0 +1,30 @@ +response->setHeader('Access-Control-Allow-Origin', '*') // for allowing any domain, insecure + ->setHeader('Access-Control-Allow-Headers', '*') // for allowing any headers, insecure + ->setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS') // allows GET and OPTIONS methods only + ->setHeader('Access-Control-Max-Age', '86400') + ->setHeader('Cache-Control', 'public, max-age=86400') + ->setStatusCode(200); + } +} diff --git a/modules/Fediverse/Filters/AllowCorsFilter.php b/modules/Fediverse/Filters/AllowCorsFilter.php new file mode 100644 index 00000000..3ed0f948 --- /dev/null +++ b/modules/Fediverse/Filters/AllowCorsFilter.php @@ -0,0 +1,27 @@ +setHeader('Access-Control-Allow-Origin', '*') // for allowing any domain, insecure + ->setHeader('Access-Control-Allow-Headers', '*') // for allowing any headers, insecure + ->setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS') // allows GET and OPTIONS methods only + ->setHeader('Access-Control-Max-Age', '86400') + ->setHeader('Cache-Control', 'public, max-age=86400') + ->setStatusCode(200); + } +}