From ab1b0cc84043d6690dfae342ecdc35a3dffcffb2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Acid=20Chicken=20=28=E7=A1=AB=E9=85=B8=E9=B6=8F=29?=
 <root@acid-chicken.com>
Date: Thu, 16 Jan 2020 04:46:43 +0900
Subject: [PATCH] Allow CORS requests in /.well-known/* routes (#5717)

* Allow CORS requests in /.well-known/* routes

* Fix bug
---
 src/server/well-known.ts | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/src/server/well-known.ts b/src/server/well-known.ts
index 63837a9b70..08fe3e88f6 100644
--- a/src/server/well-known.ts
+++ b/src/server/well-known.ts
@@ -19,10 +19,25 @@ const XRD = (...x: { element: string, value?: string, attributes?: Record<string
 		typeof value === 'string' ? `>${escapeValue(value)}</${element}` : '/'
 	}>`).reduce((a, c) => a + c, '')}</XRD>`;
 
+const allPath = '/.well-known/*';
 const webFingerPath = '/.well-known/webfinger';
 const jrd = 'application/jrd+json';
 const xrd = 'application/xrd+xml';
 
+router.use(allPath, async (ctx, next) => {
+	ctx.set({
+		'Access-Control-Allow-Headers': 'Accept',
+		'Access-Control-Allow-Methods': 'GET, OPTIONS',
+		'Access-Control-Allow-Origin': '*',
+		'Access-Control-Expose-Headers': 'Vary',
+	});
+	await next();
+});
+
+router.options(allPath, async ctx => {
+	ctx.status = 204;
+});
+
 router.get('/.well-known/host-meta', async ctx => {
 	ctx.set('Content-Type', xrd);
 	ctx.body = XRD({ element: 'Link', attributes: {
@@ -123,7 +138,7 @@ router.get(webFingerPath, async ctx => {
 });
 
 // Return 404 for other .well-known
-router.all('/.well-known/*', async ctx => {
+router.all(allPath, async ctx => {
 	ctx.status = 404;
 });