From 63fef6e6d04b07fc1c58d9448f44fe5e96df5728 Mon Sep 17 00:00:00 2001 From: Diego Sampaio Date: Tue, 17 Dec 2024 15:12:36 -0300 Subject: [PATCH] refactor: configureCORS --- apps/meteor/app/cors/server/cors.ts | 18 +++++++----------- apps/meteor/server/main.ts | 2 ++ apps/meteor/server/startup/configureCORS.ts | 11 +++++++++++ 3 files changed, 20 insertions(+), 11 deletions(-) create mode 100644 apps/meteor/server/startup/configureCORS.ts diff --git a/apps/meteor/app/cors/server/cors.ts b/apps/meteor/app/cors/server/cors.ts index 309053014016..745911654f14 100644 --- a/apps/meteor/app/cors/server/cors.ts +++ b/apps/meteor/app/cors/server/cors.ts @@ -15,8 +15,6 @@ type NextFunction = (err?: any) => void; const logger = new Logger('CORS'); -let templatePromise: Promise | void; - declare module 'meteor/webapp' { // eslint-disable-next-line @typescript-eslint/no-namespace namespace WebApp { @@ -24,12 +22,10 @@ declare module 'meteor/webapp' { } } -settings.watch( - 'Enable_CSP', - Meteor.bindEnvironment(async (enabled) => { - templatePromise = WebAppInternals.setInlineScriptsAllowed(!enabled); - }), -); +let templatePromise: Promise | void; +export async function setInlineScriptsAllowed(allowed: boolean): Promise { + templatePromise = WebApp.setInlineScriptsAllowed(!allowed); +} WebApp.rawConnectHandlers.use(async (_req: http.IncomingMessage, res: http.ServerResponse, next: NextFunction) => { if (templatePromise) { @@ -104,9 +100,9 @@ declare module 'meteor/webapp' { } let cachingVersion = ''; -settings.watch('Troubleshoot_Force_Caching_Version', (value) => { - cachingVersion = String(value).trim(); -}); +export function setCachingVersion(value: string): void { + cachingVersion = value.trim(); +} // @ts-expect-error - accessing internal property of webapp WebAppInternals.staticFilesMiddleware = function ( diff --git a/apps/meteor/server/main.ts b/apps/meteor/server/main.ts index a63ebb015c31..6d076811e5d9 100644 --- a/apps/meteor/server/main.ts +++ b/apps/meteor/server/main.ts @@ -13,6 +13,7 @@ import { registerServices } from './services/startup'; import { startup } from './startup'; import { configureBoilerplate } from './startup/configureBoilerplate'; import { configureCDN } from './startup/configureCDN'; +import { configureCORS } from './startup/configureCORS'; import { configureDirectReply } from './startup/configureDirectReply'; import { configureIRC } from './startup/configureIRC'; import { configureFederation } from './startup/settings'; @@ -42,6 +43,7 @@ await Promise.all([configureLoginServices(), startFederationService()]); await Promise.all([ configureAssets(settings), + configureCORS(settings), configureCDN(settings), configurePushNotifications(settings), configureBoilerplate(settings), diff --git a/apps/meteor/server/startup/configureCORS.ts b/apps/meteor/server/startup/configureCORS.ts new file mode 100644 index 000000000000..360d7536468c --- /dev/null +++ b/apps/meteor/server/startup/configureCORS.ts @@ -0,0 +1,11 @@ +import { setCachingVersion, setInlineScriptsAllowed } from '../../app/cors/server/cors'; +import type { ICachedSettings } from '../../app/settings/server/CachedSettings'; + +export async function configureCORS(settings: ICachedSettings): Promise { + settings.watch('Enable_CSP', async (enabled) => { + await setInlineScriptsAllowed(!enabled); + }); + settings.watch('Troubleshoot_Force_Caching_Version', (value) => { + setCachingVersion(value); + }); +}