zadam/trilium
1
1
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-31 19:26:08 +08:00
Code Issues Projects Releases Packages Wiki Activity

Allow setting CORS headers

Browse source
This commit is contained in:
Yiran Lu 2025-04-15 23:13:34 +02:00
parent 0fa084711e
commit 07955daa1c
2 changed files with 25 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/app.ts
View file

@ -7,6 +7,7 @@ import compression from "compression";
import { fileURLToPath } from "url";
import { dirname } from "path";
import sessionParser from "./routes/session_parser.js";
import config from "./services/config.js";
import utils from "./services/utils.js";
import assets from "./routes/assets.js";
import routes from "./routes/routes.js";
@ -33,6 +34,17 @@ app.set("views", path.join(scriptDir, "views"));
app.set("view engine", "ejs");
app.use((req, res, next) => {
// set CORS header
if (config["Network"]["corsAllowOrigin"].length > 0) {
res.header("Access-Control-Allow-Origin", config["Network"]["corsAllowOrigin"]);
}
if (config["Network"]["corsAllowMethods"].length > 0) {
res.header("Access-Control-Allow-Methods", config["Network"]["corsAllowMethods"]);
}
if (config["Network"]["corsAllowHeaders"].length > 0) {
res.header("Access-Control-Allow-Headers", config["Network"]["corsAllowHeaders"]);
}
res.locals.t = t;
return next();
});

14
src/services/config.ts
View file

@ -29,6 +29,9 @@ export interface TriliumConfig {
certPath: string;
keyPath: string;
trustedReverseProxy: boolean | string;
corsAllowOrigin: string;
corsAllowMethods: string;
corsAllowHeaders: string;
};
Session: {
cookieMaxAge: number;
@ -79,7 +82,16 @@ const config: TriliumConfig = {
process.env.TRILIUM_NETWORK_KEYPATH || iniConfig.Network.keyPath || "",
trustedReverseProxy:
process.env.TRILIUM_NETWORK_TRUSTEDREVERSEPROXY || iniConfig.Network.trustedReverseProxy || false
process.env.TRILIUM_NETWORK_TRUSTEDREVERSEPROXY || iniConfig.Network.trustedReverseProxy || false,
corsAllowOrigin:
process.env.TRILIUM_CORS_ALLOW_ORIGIN || iniConfig.Network.corsAllowOrigin || "",
corsAllowMethods:
process.env.TRILIUM_CORS_ALLOW_METHODS || iniConfig.Network.corsAllowMethods || "",
corsAllowHeaders:
process.env.TRILIUM_CORS_ALLOW_HEADERS || iniConfig.Network.corsAllowHeaders || ""
},
Session: {