From 66bb702aca61e0232db63a6394f0fded5edcabdf Mon Sep 17 00:00:00 2001 From: "nicolas.dorier" Date: Sat, 2 Feb 2019 13:57:17 +0900 Subject: [PATCH] Fix CORS for bitpay API again --- BTCPayServer/Hosting/BTCpayMiddleware.cs | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/BTCPayServer/Hosting/BTCpayMiddleware.cs b/BTCPayServer/Hosting/BTCpayMiddleware.cs index c8ed54d77..26fa81093 100644 --- a/BTCPayServer/Hosting/BTCpayMiddleware.cs +++ b/BTCPayServer/Hosting/BTCpayMiddleware.cs @@ -82,34 +82,33 @@ namespace BTCPayServer.Hosting var isJson = (httpContext.Request.ContentType ?? string.Empty).StartsWith("application/json", StringComparison.OrdinalIgnoreCase); var path = httpContext.Request.Path.Value; var method = httpContext.Request.Method; + var isCors = method == "OPTIONS"; - isJson = method == "OPTIONS" ? true : isJson; if ( - bitpayAuth && + (isCors || bitpayAuth) && (path == "/invoices" || path == "/invoices/") && - (method == "POST" || method == "OPTIONS") && - isJson) + (isCors || (method == "POST" && isJson))) return true; if ( - bitpayAuth && + (isCors || bitpayAuth) && (path == "/invoices" || path == "/invoices/") && - (method == "GET" || method == "OPTIONS")) + (isCors || method == "GET")) return true; if ( - path.StartsWith("/invoices/", StringComparison.OrdinalIgnoreCase) && - (method == "GET" || method == "OPTIONS") && - (isJson || httpContext.Request.Query.ContainsKey("token"))) + path.StartsWith("/invoices/", StringComparison.OrdinalIgnoreCase) && + (isCors || method == "GET") && + (isCors || isJson || httpContext.Request.Query.ContainsKey("token"))) return true; if (path.StartsWith("/rates", StringComparison.OrdinalIgnoreCase) && - (method == "GET" || method == "OPTIONS")) + (isCors || method == "GET")) return true; if ( path.Equals("/tokens", StringComparison.Ordinal) && - (method == "GET" || method == "POST" || method == "OPTIONS")) + (isCors || method == "GET" || method == "POST")) return true; return false;