fix(s3): allow CORS for served static files

app/Config/Filters.php

@@ -4,6 +4,7 @@ declare(strict_types=1);
 
 namespace Config;
 
+use App\Filters\AllowCorsFilter;
 use CodeIgniter\Config\BaseConfig;
 use CodeIgniter\Filters\CSRF;
 use CodeIgniter\Filters\DebugToolbar;
@@ -12,7 +13,6 @@ use CodeIgniter\Filters\InvalidChars;
 use CodeIgniter\Filters\SecureHeaders;
 use Modules\Api\Rest\V1\Filters\ApiFilter;
 use Modules\Auth\Filters\PermissionFilter;
-use Modules\Fediverse\Filters\AllowCorsFilter;
 use Modules\Fediverse\Filters\FediverseFilter;
 use Modules\PremiumPodcasts\Filters\PodcastUnlockFilter;
 

app/Filters/AllowCorsFilter.php

@@ -2,7 +2,7 @@
 
 declare(strict_types=1);
 
-namespace Modules\Fediverse\Filters;
+namespace App\Filters;
 
 use CodeIgniter\Filters\FilterInterface;
 use CodeIgniter\HTTP\RequestInterface;
@@ -17,11 +17,13 @@ class AllowCorsFilter implements FilterInterface
 
     public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void
     {
+        if (! $response->hasHeader('Cache-Control')) {
+            $response->setHeader('Cache-Control', 'public, max-age=86400');
+        }
+
         $response->setHeader('Access-Control-Allow-Origin', '*') // for allowing any domain, insecure
             ->setHeader('Access-Control-Allow-Headers', '*') // for allowing any headers, insecure
             ->setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS') // allows GET and OPTIONS methods only
-            ->setHeader('Access-Control-Max-Age', '86400')
-            ->setHeader('Cache-Control', 'public, max-age=86400')
-            ->setStatusCode(200);
+            ->setHeader('Access-Control-Max-Age', '86400');
     }
 }

modules/Media/Config/Routes.php

@@ -13,4 +13,5 @@ $routes = service('routes');
 $routes->get('static/(:any)', 'MediaController::serve/$1', [
     'as'        => 'media-serve',
     'namespace' => 'Modules\Media\Controllers',
+    'filter'    => 'allow-cors',
 ]);