DEV: enable cors to all cdn get requests from workbox. (#10685)

Now all external requests from the service worker will be in CORS mode without credentials.
2025-05-22 18:11:11 +08:00 · 2020-10-28 23:36:19 +05:30
parent f70042860b
commit e3de45359f
21 changed files with 391 additions and 8 deletions
--- a/spec/requests/static_controller_spec.rb
+++ b/spec/requests/static_controller_spec.rb
@ -116,6 +116,25 @@ describe StaticController do
        File.delete(file_path)
      end
    end
+
+    it 'has correct cors headers for brotli assets' do
+      begin
+        assets_path = Rails.root.join("public/assets")
+
+        FileUtils.mkdir_p(assets_path)
+
+        file_path = assets_path.join("test.js.br")
+        File.write(file_path, 'fake brotli file')
+        GlobalSetting.stubs(:cdn_url).returns("https://www.example.com/")
+
+        get "/brotli_asset/test.js"
+
+        expect(response.status).to eq(200)
+        expect(response.headers["Access-Control-Allow-Origin"]).to match("*")
+      ensure
+        File.delete(file_path)
+      end
+    end
  end

  context '#cdn_asset' do