Whitelist Campus-Flutter Web App for CORS #252
Comments
|
I have not tested that this works, but given what had to be configured, I don't see where it would not => closed this issue |
Thank you for helping @CommanderStorm! Unfortunately I still experience CORS error in 0.3.0 :/ or is that something I need to fix on the client side? |
|
I have removed all cors-protection by whitelisting any domain to do cors-request (see c2cf614). Found this site and testing seems promising ^^ |
|
Thanks again @CommanderStorm! I hope this is not a security issue :D I still experience CORS errors for the images of the news entries. But I am not sure if we can influence that 
|
|
We should actually already scrape the images and host them ourselves. I wonder if we have an issue with that currently 🤔 |
|
https://github.com/TUM-Dev/Campus-Backend/blob/c2cf61443b7003a616db9d50d3755d9242092a95/server/backend/cron/news.go#L121C18-L121C18 We're downloading the file but save the link to the source image in the database it seems |
|
Actually, we are already serving images: #256 |
|
This works in theory but the news recently have https://api.tum.app/files/news/sources/src_1.png set as |
|
cannot reproduce for news Have looked at the sources: |
@CommanderStorm Please take a look at a request like https://api.tum.app/v1/news/-1?oldestDateAt=2023-09-12T20%3A17%3A46.384Z, every news entry has https://api.tum.app/files/news/sources/src_1.png for |
|
I have fixed the entries pointing to this. |
|
Thank you @CommanderStorm! I used |
|
For some news providers (f.ex. newsspread), if we did not catch the images in time, they are gone. |
Because of the current CORS protection we currently have to use a proxy server to ensure proper testing of the beta web app. Because this is not a good practice it would be great if the Backend could whitelist web.tum.app to ensure proper loading of endpoints and images. Thank you!
The text was updated successfully, but these errors were encountered: