move CORS allowance to the REST API router

diff --git a/server.ts b/server.ts
index 0cb0759e0de9f5a4cd013cc28ef320ad68e56394..5511c5435856fec72698f20295fa35e754d44267 100644 (file)
--- a/server.ts
+++ b/server.ts
@@ -84,22 +84,24 @@ import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-sch
 
 // ----------- App -----------
 
-// Enable CORS
-app.use((req, res, next) => {
-  // These routes have already cors
-  if (
-    req.path.indexOf(STATIC_PATHS.TORRENTS) === -1 &&
-    req.path.indexOf(STATIC_PATHS.WEBSEED) === -1
-  ) {
-    return (cors({
-      origin: '*',
-      exposedHeaders: 'Retry-After',
-      credentials: true
-    }))(req, res, next)
-  }
-
-  return next()
-})
+// Enable CORS for develop
+if (isTestInstance()) {
+  app.use((req, res, next) => {
+    // These routes have already cors
+    if (
+      req.path.indexOf(STATIC_PATHS.TORRENTS) === -1 &&
+      req.path.indexOf(STATIC_PATHS.WEBSEED) === -1
+    ) {
+      return (cors({
+        origin: '*',
+        exposedHeaders: 'Retry-After',
+        credentials: true
+      }))(req, res, next)
+    }
+
+    return next()
+  })
+}
 
 // For the logger
 app.use(morgan('combined', {

diff --git a/server/controllers/api/index.ts b/server/controllers/api/index.ts
index 8f63b9535c7f76b9c6bc94626be1c9289c631a9e..c386a6710acc981cd7b5fced089a243e0401095b 100644 (file)
--- a/server/controllers/api/index.ts
+++ b/server/controllers/api/index.ts
@@ -8,9 +8,16 @@ import { accountsRouter } from './accounts'
 import { videosRouter } from './videos'
 import { badRequest } from '../../helpers/express-utils'
 import { videoChannelRouter } from './video-channel'
+import * as cors from 'cors'
 
 const apiRouter = express.Router()
 
+apiRouter.use(cors({
+  origin: '*',
+  exposedHeaders: 'Retry-After',
+  credentials: true
+}))
+
 apiRouter.use('/server', serverRouter)
 apiRouter.use('/oauth-clients', oauthClientsRouter)
 apiRouter.use('/config', configRouter)