Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-31 10:26:08 +01:00
Code Issues Packages Projects Releases Activity

Merge pull request #1724 from yiranlus/develop

Browse Source 
Allow setting CORS headers
This commit is contained in:
Elian Doran
2025-04-17 19:52:34 +03:00
committed by GitHub
parent 26ed302d3b e6ccd88abb
commit 6ca49e977d
3 changed files with 30 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
config-sample.ini
View File

@@ -25,6 +25,11 @@ keyPath=
# expressjs shortcuts are supported: loopback(127.0.0.1/8, ::1/128), linklocal(169.254.0.0/16, fe80::/10), uniquelocal(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7) # expressjs shortcuts are supported: loopback(127.0.0.1/8, ::1/128), linklocal(169.254.0.0/16, fe80::/10), uniquelocal(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7)
trustedReverseProxy=false trustedReverseProxy=false
# setting the CORS headers for cross-origin requests
# corsAllowOrigin='*'
# corsAllowMethods='GET,POST,PUT,DELETE,PATCH'
# corsAllowHeaders='Content-Type,Authorization'
[Session] [Session]
# Use this setting to set a custom value for the "Max-Age" Attribute of the session cookie. # Use this setting to set a custom value for the "Max-Age" Attribute of the session cookie.

12
src/app.ts
View File

@@ -7,6 +7,7 @@ import compression from "compression";
import { fileURLToPath } from "url"; import { fileURLToPath } from "url";
import { dirname } from "path"; import { dirname } from "path";
import sessionParser from "./routes/session_parser.js"; import sessionParser from "./routes/session_parser.js";
import config from "./services/config.js";
import utils from "./services/utils.js"; import utils from "./services/utils.js";
import assets from "./routes/assets.js"; import assets from "./routes/assets.js";
import routes from "./routes/routes.js"; import routes from "./routes/routes.js";
@@ -33,6 +34,17 @@ app.set("views", path.join(scriptDir, "views"));
app.set("view engine", "ejs"); app.set("view engine", "ejs");
app.use((req, res, next) => { app.use((req, res, next) => {
// set CORS header
if (config["Network"]["corsAllowOrigin"]) {
res.header("Access-Control-Allow-Origin", config["Network"]["corsAllowOrigin"]);
}
if (config["Network"]["corsAllowMethods"]) {
res.header("Access-Control-Allow-Methods", config["Network"]["corsAllowMethods"]);
}
if (config["Network"]["corsAllowHeaders"]) {
res.header("Access-Control-Allow-Headers", config["Network"]["corsAllowHeaders"]);
}
res.locals.t = t; res.locals.t = t;
return next(); return next();
}); });

14
src/services/config.ts
View File

@@ -29,6 +29,9 @@ export interface TriliumConfig {
certPath: string; certPath: string;
keyPath: string; keyPath: string;
trustedReverseProxy: boolean | string; trustedReverseProxy: boolean | string;
corsAllowOrigin: string;
corsAllowMethods: string;
corsAllowHeaders: string;
}; };
Session: { Session: {
cookieMaxAge: number; cookieMaxAge: number;
@@ -79,7 +82,16 @@ const config: TriliumConfig = {
process.env.TRILIUM_NETWORK_KEYPATH || iniConfig.Network.keyPath || "", process.env.TRILIUM_NETWORK_KEYPATH || iniConfig.Network.keyPath || "",
trustedReverseProxy: trustedReverseProxy:
process.env.TRILIUM_NETWORK_TRUSTEDREVERSEPROXY || iniConfig.Network.trustedReverseProxy || false process.env.TRILIUM_NETWORK_TRUSTEDREVERSEPROXY || iniConfig.Network.trustedReverseProxy || false,
corsAllowOrigin:
process.env.TRILIUM_NETWORK_CORS_ALLOW_ORIGIN || iniConfig.Network.corsAllowOrigin || "",
corsAllowMethods:
process.env.TRILIUM_NETWORK_CORS_ALLOW_METHODS || iniConfig.Network.corsAllowMethods || "",
corsAllowHeaders:
process.env.TRILIUM_NETWORK_CORS_ALLOW_HEADERS || iniConfig.Network.corsAllowHeaders || ""
}, },
Session: { Session: {