X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FApp%2FModule.php;h=5b7c3d15007bb11c995ae001f43027d87c1de708;hb=0e2e488521fbcf2d52dc8037ee6e9dd577fbf14c;hp=4b9eb68bdd085425242d2d4b70d7adf9a27ad754;hpb=9eca2c98ed92da0ba413f1a62d4860d74efbee51;p=friendica.git

diff --git a/src/App/Module.php b/src/App/Module.php
index 4b9eb68bdd..5b7c3d1500 100644
--- a/src/App/Module.php
+++ b/src/App/Module.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2021, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -24,12 +24,15 @@ namespace Friendica\App;
 use Friendica\App;
 use Friendica\BaseModule;
 use Friendica\Core;
+use Friendica\Core\Config\Capability\IManageConfigValues;
 use Friendica\LegacyModule;
 use Friendica\Module\Home;
 use Friendica\Module\HTTPException\MethodNotAllowed;
 use Friendica\Module\HTTPException\PageNotFound;
 use Friendica\Network\HTTPException\MethodNotAllowedException;
+use Friendica\Network\HTTPException\NoContentException;
 use Friendica\Network\HTTPException\NotFoundException;
+use Friendica\Util\Profiler;
 use Psr\Log\LoggerInterface;
 
 /**
@@ -62,7 +65,6 @@ class Module
 		'outbox',
 		'poco',
 		'post',
-		'proxy',
 		'pubsub',
 		'pubsubhubbub',
 		'receive',
@@ -168,15 +170,15 @@ class Module
 	/**
 	 * Determine the class of the current module
 	 *
-	 * @param Arguments           $args   The Friendica execution arguments
-	 * @param Router              $router The Friendica routing instance
-	 * @param Core\Config\IConfig $config The Friendica Configuration
+	 * @param Arguments                                             $args   The Friendica execution arguments
+	 * @param Router                                                $router The Friendica routing instance
+	 * @param IManageConfigValues $config The Friendica Configuration
 	 *
 	 * @return Module The determined module of this call
 	 *
 	 * @throws \Exception
 	 */
-	public function determineClass(Arguments $args, Router $router, Core\Config\IConfig $config)
+	public function determineClass(Arguments $args, Router $router, IManageConfigValues $config)
 	{
 		$printNotAllowedAddon = false;
 
@@ -234,10 +236,10 @@ class Module
 	 *
 	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
-	public function run(Core\L10n $l10n, App\BaseURL $baseUrl, LoggerInterface $logger, array $server, array $post)
+	public function run(Core\L10n $l10n, App\BaseURL $baseUrl, LoggerInterface $logger, Profiler $profiler, array $server, array $post)
 	{
 		if ($this->printNotAllowedAddon) {
-			info($l10n->t("You must be logged in to use addons. "));
+			notice($l10n->t("You must be logged in to use addons. "));
 		}
 
 		/* The URL provided does not resolve to a valid module.
@@ -264,17 +266,65 @@ class Module
 			$logger->debug('index.php: page not found.', ['request_uri' => $server['REQUEST_URI'], 'address' => $server['REMOTE_ADDR'], 'query' => $server['QUERY_STRING']]);
 		}
 
+		// @see https://github.com/tootsuite/mastodon/blob/c3aef491d66aec743a3a53e934a494f653745b61/config/initializers/cors.rb
+		if (substr($_REQUEST['pagename'] ?? '', 0, 12) == '.well-known/') {
+			header('Access-Control-Allow-Origin: *');
+			header('Access-Control-Allow-Headers: *');
+			header('Access-Control-Allow-Methods: ' . Router::GET);
+			header('Access-Control-Allow-Credentials: false');
+		} elseif (substr($_REQUEST['pagename'] ?? '', 0, 8) == 'profile/') {
+			header('Access-Control-Allow-Origin: *');
+			header('Access-Control-Allow-Headers: *');
+			header('Access-Control-Allow-Methods: ' . Router::GET);
+			header('Access-Control-Allow-Credentials: false');
+		} elseif (substr($_REQUEST['pagename'] ?? '', 0, 4) == 'api/') {
+			header('Access-Control-Allow-Origin: *');
+			header('Access-Control-Allow-Headers: *');
+			header('Access-Control-Allow-Methods: ' . implode(',', Router::ALLOWED_METHODS));
+			header('Access-Control-Allow-Credentials: false');
+			header('Access-Control-Expose-Headers: Link');
+		} elseif (substr($_REQUEST['pagename'] ?? '', 0, 11) == 'oauth/token') {
+			header('Access-Control-Allow-Origin: *');
+			header('Access-Control-Allow-Headers: *');
+			header('Access-Control-Allow-Methods: ' . Router::POST);
+			header('Access-Control-Allow-Credentials: false');
+		}
+
+		// @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/OPTIONS
+		// @todo Check allowed methods per requested path
+		if ($server['REQUEST_METHOD'] === Router::OPTIONS) {
+			header('Allow: ' . implode(',', Router::ALLOWED_METHODS));
+			throw new NoContentException();
+		}
+
 		$placeholder = '';
 
+		$profiler->set(microtime(true), 'ready');
+		$timestamp = microtime(true);
+
 		Core\Hook::callAll($this->module . '_mod_init', $placeholder);
 
 		call_user_func([$this->module_class, 'init'], $this->module_parameters);
 
-		if ($server['REQUEST_METHOD'] === 'POST') {
+		$profiler->set(microtime(true) - $timestamp, 'init');
+
+		if ($server['REQUEST_METHOD'] === Router::DELETE) {
+			call_user_func([$this->module_class, 'delete'], $this->module_parameters);
+		}
+
+		if ($server['REQUEST_METHOD'] === Router::PATCH) {
+			call_user_func([$this->module_class, 'patch'], $this->module_parameters);
+		}
+
+		if ($server['REQUEST_METHOD'] === Router::POST) {
 			Core\Hook::callAll($this->module . '_mod_post', $post);
 			call_user_func([$this->module_class, 'post'], $this->module_parameters);
 		}
 
+		if ($server['REQUEST_METHOD'] === Router::PUT) {
+			call_user_func([$this->module_class, 'put'], $this->module_parameters);
+		}
+
 		Core\Hook::callAll($this->module . '_mod_afterpost', $placeholder);
 		call_user_func([$this->module_class, 'afterpost'], $this->module_parameters);