b0esche/b0esche_cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refine CORS settings in file download handlers and update viewer behavior for mobile and authenticated web

Browse Source
This commit is contained in:
Leon Bösche
2026-01-25 20:24:07 +01:00
parent ad882ae509
commit 5dd6d79d4c
3 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
b0esche_cloud/lib/widgets/file_viewer_dispatch.dart
View File

@@ -140,10 +140,17 @@ class FileViewerDispatch {
); );
} }
return Container( Widget viewerChild = child;
color: AppTheme.primaryBackground, if (!(kIsWeb && token == null)) {
child: InteractiveViewer(minScale: 0.5, maxScale: 4.0, child: child), // Use InteractiveViewer for mobile or authenticated web
viewerChild = InteractiveViewer(
minScale: 0.5,
maxScale: 4.0,
child: child,
); );
}
return Container(color: AppTheme.primaryBackground, child: viewerChild);
} else { } else {
return Container( return Container(
color: AppTheme.primaryBackground, color: AppTheme.primaryBackground,

BIN
go_cloud/bin/api
View File

Binary file not shown.

8
go_cloud/internal/http/routes.go
View File

@@ -2417,7 +2417,9 @@ func downloadOrgFileHandler(w http.ResponseWriter, r *http.Request, db *database
// which supports all common video/audio/image formats // which supports all common video/audio/image formats
contentType := getMimeType(fileName) contentType := getMimeType(fileName)
w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Origin", "https://www.b0esche.cloud")
w.Header().Set("Access-Control-Allow-Credentials", "true")
w.Header().Set("Access-Control-Allow-Headers", "Authorization, Range")
w.Header().Set("Content-Disposition", fmt.Sprintf("inline; filename=\"%s\"", fileName)) w.Header().Set("Content-Disposition", fmt.Sprintf("inline; filename=\"%s\"", fileName))
w.Header().Set("Content-Type", contentType) w.Header().Set("Content-Type", contentType)
w.Header().Set("Accept-Ranges", "bytes") w.Header().Set("Accept-Ranges", "bytes")
@@ -2565,7 +2567,9 @@ func downloadUserFileHandler(w http.ResponseWriter, r *http.Request, db *databas
// which supports all common video/audio/image formats // which supports all common video/audio/image formats
contentType := getMimeType(fileName) contentType := getMimeType(fileName)
w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Origin", "https://www.b0esche.cloud")
w.Header().Set("Access-Control-Allow-Credentials", "true")
w.Header().Set("Access-Control-Allow-Headers", "Authorization, Range")
w.Header().Set("Content-Disposition", fmt.Sprintf("inline; filename=\"%s\"", fileName)) w.Header().Set("Content-Disposition", fmt.Sprintf("inline; filename=\"%s\"", fileName))
w.Header().Set("Content-Type", contentType) w.Header().Set("Content-Type", contentType)
w.Header().Set("Accept-Ranges", "bytes") w.Header().Set("Accept-Ranges", "bytes")