diff --git a/ghost/core/core/frontend/web/middleware/handle-image-sizes.js b/ghost/core/core/frontend/web/middleware/handle-image-sizes.js index edc5ba857f..3530a945bd 100644 --- a/ghost/core/core/frontend/web/middleware/handle-image-sizes.js +++ b/ghost/core/core/frontend/web/middleware/handle-image-sizes.js @@ -13,6 +13,9 @@ const FORMAT_PATH_REGEX = /^\/format\/([^./]+)\//; const TRAILING_SLASH_REGEX = /\/+$/; module.exports = function (req, res, next) { + // In admin we need to read images and calculate the average color (blocked by CORS otherwise) + res.setHeader('Access-Control-Allow-Origin', '*'); + if (!SIZE_PATH_REGEX.test(req.url)) { return next(); } diff --git a/ghost/core/core/frontend/web/middleware/serve-public-file.js b/ghost/core/core/frontend/web/middleware/serve-public-file.js index 7ea0389e7c..3688192674 100644 --- a/ghost/core/core/frontend/web/middleware/serve-public-file.js +++ b/ghost/core/core/frontend/web/middleware/serve-public-file.js @@ -46,8 +46,6 @@ function createPublicFileMiddleware(location, file, mime, maxAge) { // send image files directly and let express handle content-length, etag, etc if (mime.match(/^image/)) { - // In admin we need to read images and calculate the average color (blocked by CORS otherwise) - res.setHeader('Access-Control-Allow-Origin', '*'); return res.sendFile(filePath, (err) => { if (err && err.status === 404) { // ensure we're triggering basic asset 404 and not a templated 404 diff --git a/ghost/core/test/unit/frontend/web/middleware/handle-image-sizes.test.js b/ghost/core/test/unit/frontend/web/middleware/handle-image-sizes.test.js index 0a1aaba3ac..80777ddd20 100644 --- a/ghost/core/test/unit/frontend/web/middleware/handle-image-sizes.test.js +++ b/ghost/core/test/unit/frontend/web/middleware/handle-image-sizes.test.js @@ -5,6 +5,10 @@ const activeTheme = require('../../../../../core/frontend/services/theme-engine/ const handleImageSizes = require('../../../../../core/frontend/web/middleware/handle-image-sizes.js'); const imageTransform = require('@tryghost/image-transform'); +const fakeResBase = { + setHeader() {} +}; + // @TODO make these tests lovely and non specific to implementation describe('handleImageSizes middleware', function () { this.afterEach(function () { @@ -19,7 +23,7 @@ describe('handleImageSizes middleware', function () { fakeReq.url.match = function () { throw new Error('Should have exited immediately'); }; - handleImageSizes(fakeReq, {}, function next() { + handleImageSizes(fakeReq, fakeResBase, function next() { done(); }); }); @@ -32,7 +36,7 @@ describe('handleImageSizes middleware', function () { fakeReq.url.match = function () { throw new Error('Should have exited immediately'); }; - handleImageSizes(fakeReq, {}, function next() { + handleImageSizes(fakeReq, fakeResBase, function next() { done(); }); }); @@ -45,7 +49,7 @@ describe('handleImageSizes middleware', function () { fakeReq.url.match = function () { throw new Error('Should have exited immediately'); }; - handleImageSizes(fakeReq, {}, function next() { + handleImageSizes(fakeReq, fakeResBase, function next() { done(); }); }); @@ -58,7 +62,7 @@ describe('handleImageSizes middleware', function () { fakeReq.url.match = function () { throw new Error('Should have exited immediately'); }; - handleImageSizes(fakeReq, {}, function next() { + handleImageSizes(fakeReq, fakeResBase, function next() { done(); }); }); @@ -71,7 +75,7 @@ describe('handleImageSizes middleware', function () { fakeReq.url.match = function () { throw new Error('Should have exited immediately'); }; - handleImageSizes(fakeReq, {}, function next() { + handleImageSizes(fakeReq, fakeResBase, function next() { done(); }); }); @@ -139,7 +143,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { if (err) { @@ -162,7 +167,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { if (err) { @@ -185,7 +191,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { if (err) { @@ -220,7 +227,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -246,7 +254,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -272,7 +281,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -297,7 +307,8 @@ describe('handleImageSizes middleware', function () { const fakeRes = { redirect() { done(new Error('Should not have called redirect')); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -323,7 +334,8 @@ describe('handleImageSizes middleware', function () { const fakeRes = { redirect() { done(new Error('Should not have called redirect')); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -355,7 +367,8 @@ describe('handleImageSizes middleware', function () { redirect() { done(new Error('Should not have called redirect')); }, - type: function () {} + type: function () {}, + setHeader() {} }; const typeStub = sinon.spy(fakeRes, 'type'); @@ -390,7 +403,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -418,7 +432,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -446,7 +461,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -474,7 +490,8 @@ describe('handleImageSizes middleware', function () { return done(e); } done(); - } + }, + setHeader() {} }; handleImageSizes(fakeReq, fakeRes, function next(err) { @@ -498,6 +515,7 @@ describe('handleImageSizes middleware', function () { redirect() { done(new Error('Should not have called redirect')); }, + setHeader() {}, type: function () {} }; const typeStub = sinon.spy(fakeRes, 'type'); @@ -532,6 +550,7 @@ describe('handleImageSizes middleware', function () { redirect() { done(new Error('Should not have called redirect')); }, + setHeader() {}, type: function () {} }; const typeStub = sinon.spy(fakeRes, 'type'); @@ -566,6 +585,7 @@ describe('handleImageSizes middleware', function () { redirect() { done(new Error('Should not have called redirect')); }, + setHeader() {}, type: function () {} }; const typeStub = sinon.spy(fakeRes, 'type'); @@ -600,6 +620,7 @@ describe('handleImageSizes middleware', function () { redirect() { done(new Error('Should not have called redirect')); }, + setHeader() {}, type: function () {} }; const typeStub = sinon.spy(fakeRes, 'type'); @@ -634,6 +655,7 @@ describe('handleImageSizes middleware', function () { redirect() { done(new Error('Should not have called redirect')); }, + setHeader() {}, type: function () {} }; const typeStub = sinon.spy(fakeRes, 'type');