summaryrefslogtreecommitdiff
path: root/packages/backend/src/server/api
diff options
context:
space:
mode:
Diffstat (limited to 'packages/backend/src/server/api')
-rw-r--r--packages/backend/src/server/api/mastodon/MastodonApiServerService.ts15
1 files changed, 15 insertions, 0 deletions
diff --git a/packages/backend/src/server/api/mastodon/MastodonApiServerService.ts b/packages/backend/src/server/api/mastodon/MastodonApiServerService.ts
index 517beb4f44..d7afc1254e 100644
--- a/packages/backend/src/server/api/mastodon/MastodonApiServerService.ts
+++ b/packages/backend/src/server/api/mastodon/MastodonApiServerService.ts
@@ -55,7 +55,22 @@ export class MastodonApiServerService {
});
fastify.addHook('onRequest', (_, reply, done) => {
+ // Allow web-based clients to connect from other origins.
reply.header('Access-Control-Allow-Origin', '*');
+
+ // Mastodon uses all types of request methods.
+ reply.header('Access-Control-Allow-Methods', '*');
+
+ // Allow web-based clients to access Link header - required for mastodon pagination.
+ // https://stackoverflow.com/a/54928828
+ // https://docs.joinmastodon.org/api/guidelines/#pagination
+ // https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Access-Control-Expose-Headers
+ reply.header('Access-Control-Expose-Headers', 'Link');
+
+ // Cache to avoid extra pre-flight requests
+ // https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Access-Control-Max-Age
+ reply.header('Access-Control-Max-Age', 60 * 60 * 24); // 1 day in seconds
+
done();
});
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 15:42:43 +0000