Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-03-11 02:12:21 -05:00
Code Issues Activity

🐛 Added CORS support to the v2 Content API (#10257)

Browse source 
no-issue

When trying to use /api/v2/content from a different domain, the requests
were failing with CORS errors. This doesn't use the shared cors middleware,
because it should be open to all hosts, and not locked down via our
whitelist or trusted domains.
This commit is contained in:
Fabien O'Carroll 2018-12-11 11:44:12 +07:00 committed by GitHub
parent 31269de7c3
commit dcfaecfe92
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
core/server/web/api/v2/content/routes.js
View file

@ -1,10 +1,13 @@
const express = require('express');
const cors = require('cors');
const apiv2 = require('../../../../api/v2');
const mw = require('./middleware');
module.exports = function apiRoutes() {
const router = express.Router();
router.options('*', cors());
// ## Posts
router.get('/posts', mw.authenticatePublic, apiv2.http(apiv2.posts.browse));
router.get('/posts/:id', mw.authenticatePublic, apiv2.http(apiv2.posts.read));