From 363eaedbef1fdbb610f5c92b08456fb7adecee7b Mon Sep 17 00:00:00 2001 From: James Reidy Date: Fri, 31 May 2024 17:37:50 -0400 Subject: [PATCH 1/4] DACCESS-314 - add rack-cors --- blacklight-cornell/Gemfile | 1 + blacklight-cornell/Gemfile.lock | 3 +++ 2 files changed, 4 insertions(+) diff --git a/blacklight-cornell/Gemfile b/blacklight-cornell/Gemfile index afc30bf0f..01cf9a7b2 100644 --- a/blacklight-cornell/Gemfile +++ b/blacklight-cornell/Gemfile @@ -147,3 +147,4 @@ gem 'uri', '0.12.2' # gem 'pkg-config', '1.5.4' gem 'status-page' gem 'concurrent-ruby', '1.2.3', require: 'concurrent' +gem "rack-cors", require: "rack/cors" diff --git a/blacklight-cornell/Gemfile.lock b/blacklight-cornell/Gemfile.lock index 9c8fa9072..5a18c41e6 100644 --- a/blacklight-cornell/Gemfile.lock +++ b/blacklight-cornell/Gemfile.lock @@ -618,6 +618,8 @@ GEM rack (2.2.9) rack-contrib (2.4.0) rack (< 4) + rack-cors (2.0.2) + rack (>= 2.0.0) rack-protection (3.2.0) base64 (>= 0.1.0) rack (~> 2.2, >= 2.2.4) @@ -928,6 +930,7 @@ DEPENDENCIES pry pry-byebug puma (~> 6.4, >= 6.4.2) + rack-cors rails (~> 6.1.7) rb-inotify rb-readline (~> 0.5.x) From 657da9ba4f9a5d63d7f25be8181d51a8c341f0c8 Mon Sep 17 00:00:00 2001 From: James Reidy Date: Fri, 31 May 2024 17:38:30 -0400 Subject: [PATCH 2/4] DACCESS-314 - initializer for rack-cors --- blacklight-cornell/config/initializers/cors.rb | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 blacklight-cornell/config/initializers/cors.rb diff --git a/blacklight-cornell/config/initializers/cors.rb b/blacklight-cornell/config/initializers/cors.rb new file mode 100644 index 000000000..42e162f4a --- /dev/null +++ b/blacklight-cornell/config/initializers/cors.rb @@ -0,0 +1,8 @@ +Rails.application.config.middleware.insert_before 0, Rack::Cors do + allow do + origins "*.library.cornell.edu" # adjust this if you want to limit origins + resource "*", + headers: :any, + methods: [:get, :post, :put, :patch, :delete, :options, :head] + end +end From c5f3b190e264d7f3f387e03f2a81eb3d8d714785 Mon Sep 17 00:00:00 2001 From: James Reidy Date: Fri, 31 May 2024 17:39:12 -0400 Subject: [PATCH 3/4] DACCESS-314 - override CORS for status page --- blacklight-cornell/app/controllers/status_page.rb | 5 +++++ blacklight-cornell/config/application.rb | 8 ++++++++ 2 files changed, 13 insertions(+) create mode 100644 blacklight-cornell/app/controllers/status_page.rb diff --git a/blacklight-cornell/app/controllers/status_page.rb b/blacklight-cornell/app/controllers/status_page.rb new file mode 100644 index 000000000..fb1db732b --- /dev/null +++ b/blacklight-cornell/app/controllers/status_page.rb @@ -0,0 +1,5 @@ +class StatusController < ApplicationController + def index + render html: StatusPage.check.html + end +end diff --git a/blacklight-cornell/config/application.rb b/blacklight-cornell/config/application.rb index cbb11aa84..a07582c8b 100644 --- a/blacklight-cornell/config/application.rb +++ b/blacklight-cornell/config/application.rb @@ -98,6 +98,14 @@ class Application < Rails::Application # Search results limit, to prevent deep paging issues config.search_limit = 20000 + + config.middleware.insert_before 0, Rack::Cors do + allow do + origins "https://amplify-pages.d9ohqorlfrbif.amplifyapp.com", "*.library.cornell.edu" + resource "/status", headers: :any, methods: [:get] + resource '/status.json', headers: :any, methods: [:get] + end + end end end if true From da45b2ba5835cdc0821ff0fe91f69370df91d854 Mon Sep 17 00:00:00 2001 From: James Reidy Date: Fri, 31 May 2024 17:42:04 -0400 Subject: [PATCH 4/4] DACCESS-314 - route to handle status CORS override --- blacklight-cornell/config/routes.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/blacklight-cornell/config/routes.rb b/blacklight-cornell/config/routes.rb index 3cafb1105..ceac2b921 100644 --- a/blacklight-cornell/config/routes.rb +++ b/blacklight-cornell/config/routes.rb @@ -234,4 +234,6 @@ # put 'aeon/scan_aeon/:id' => 'aeon#scan_aeon', :as => 'scan_paeon', :constraints => { :id => /.+/} mount BlacklightCornellRequests::Engine => '/request', :as => 'blacklight_cornell_request' mount MyAccount::Engine => '/myaccount', :as => 'my_account' + + get "/status", to: "status#index" end