Jayden/AFFiNE-Mirror
1
0
Fork 0
mirror of https://github.com/toeverything/AFFiNE.git synced 2026-02-14 21:27:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(electron): embeded youtube videos not playable (#12892)

Browse Source 
#### PR Dependency Tree


* **PR #12892** 👈

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- **Bug Fixes**
- Improved handling of CORS headers to ensure they are only removed for
responses from non-whitelisted domains, enhancing compatibility with
certain sites.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->


#### PR Dependency Tree


* **PR #12892** 👈
  * **PR #12895**

This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)
This commit is contained in:
Peng Xiao
2025-06-25 14:51:40 +08:00
committed by GitHub
parent c37df9fb94
commit e00a37cd00
1 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
packages/frontend/apps/electron/src/main/protocol.ts
View File

@@ -97,6 +97,13 @@ async function handleFileRequest(request: Request) {
return net.fetch(pathToFileURL(filepath).toString(), clonedRequest); return net.fetch(pathToFileURL(filepath).toString(), clonedRequest);
} }
// whitelist for cors
// url patterns that are allowed to have cors headers
const corsWhitelist = [
/^(?:[a-zA-Z0-9-]+\.)*googlevideo\.com$/,
/^(?:[a-zA-Z0-9-]+\.)*youtube\.com$/,
];
export function registerProtocol() { export function registerProtocol() {
protocol.handle('file', request => { protocol.handle('file', request => {
return handleFileRequest(request); return handleFileRequest(request);
@@ -108,7 +115,7 @@ export function registerProtocol() {
session.defaultSession.webRequest.onHeadersReceived( session.defaultSession.webRequest.onHeadersReceived(
(responseDetails, callback) => { (responseDetails, callback) => {
const { responseHeaders } = responseDetails; const { responseHeaders, url } = responseDetails;
(async () => { (async () => {
if (responseHeaders) { if (responseHeaders) {
const originalCookie = const originalCookie =
@@ -146,10 +153,13 @@ export function registerProtocol() {
} }
} }
delete responseHeaders['access-control-allow-origin']; const hostname = new URL(url).hostname;
delete responseHeaders['access-control-allow-headers']; if (!corsWhitelist.some(domainRegex => domainRegex.test(hostname))) {
delete responseHeaders['Access-Control-Allow-Origin']; delete responseHeaders['access-control-allow-origin'];
delete responseHeaders['Access-Control-Allow-Headers']; delete responseHeaders['access-control-allow-headers'];
delete responseHeaders['Access-Control-Allow-Origin'];
delete responseHeaders['Access-Control-Allow-Headers'];
}
} }
})() })()
.catch(err => { .catch(err => {