From d8c150f9121cbcd4f03d7ec06ce281a9339f0138 Mon Sep 17 00:00:00 2001 From: "Alexander Nicholson 4584443+DragonStuff@users.noreply.github.com" <4584443+DragonStuff@users.noreply.github.com> Date: Tue, 12 Nov 2024 02:03:40 +0900 Subject: [PATCH] fix: allow subdomain regex --- Caddyfile | 45 +++++++++++++++++++++------------------------ 1 file changed, 21 insertions(+), 24 deletions(-) diff --git a/Caddyfile b/Caddyfile index ad82faf..d3c60ee 100644 --- a/Caddyfile +++ b/Caddyfile @@ -5,40 +5,37 @@ email ${MAPS_EMAIL} } - (cors) { - @cors_preflight{args.0} method OPTIONS - @cors{args.0} header Origin {args.0} + @origin header Origin {args.0} + header @origin { + Access-Control-Allow-Origin "{header.Origin}" + Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE, OPTIONS" + Access-Control-Allow-Headers "*" + Access-Control-Allow-Credentials "true" + Access-Control-Max-Age "3600" + defer + } +} - handle @cors_preflight{args.0} { - header { - Access-Control-Allow-Origin "{args.0}" - Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE, OPTIONS" - Access-Control-Allow-Headers * - Access-Control-Max-Age "3600" - defer - } - respond "" 204 +${MAPS_DOMAIN} { + # Match any subdomain pattern for CORS + @allowed_origins { + expression {header.Origin}.matches('^https://([a-zA-Z0-9-]+\\.)*${MAPS_SERVE_DOMAIN}$') } - handle @cors{args.0} { - header { - Access-Control-Allow-Origin "{args.0}" - Access-Control-Expose-Headers * - defer - } + header @allowed_origins { + Access-Control-Allow-Origin "{header.Origin}" + Access-Control-Allow-Methods "*" + Access-Control-Allow-Headers "*" + Access-Control-Allow-Credentials "true" + Access-Control-Max-Age "3600" + defer } -} -${MAPS_DOMAIN} { - import cors https://${MAPS_SERVE_DOMAIN} - import cors https://www.${MAPS_SERVE_DOMAIN} - import cors https://*.${MAPS_SERVE_DOMAIN} handle_path /tiles/* { pmtiles_proxy { bucket ${MAPS_PMTILES_LOCATION} cache_size 19000 - # used to embed a tiles URL in TileJSON. public_url https://${MAPS_DOMAIN}/tiles } }