feat(webdav3): enhance CORS support for /commoserve/ proxy and update routing logic

2026-06-15 15:55:22 -04:00 · 2026-06-15 15:55:22 -04:00 · e3f7ba9c19
commit e3f7ba9c19
parent c289ffd477
1 changed files with 16 additions and 7 deletions
--- a/webdav3.py
+++ b/webdav3.py
@ -550,8 +550,8 @@ class DAVRequestHandler(BaseHTTPRequestHandler):
      self.send_header('Content-Length', '0')
      self.end_headers()
      return
-    # CORS preflight for /leet/ proxy
-    if self.path.startswith('/leet/'):
+    # CORS preflight for /leet/ and /commoserve/ proxies
+    if self.path.startswith('/leet/') or self.path.startswith('/commoserve/'):
      self.send_response(204)
      self.send_header('Access-Control-Allow-Origin', '*')
      self.send_header('Access-Control-Allow-Methods', 'GET, OPTIONS')
@ -855,11 +855,13 @@ class DAVRequestHandler(BaseHTTPRequestHandler):
  # ── Leet API proxy ─────────────────────────────────────────────────────────
  # Browsers cannot override the User-Agent header (Fetch spec §forbidden
  # header names).  Assembly64 returns HTTP 463 for non-matching UAs.
-  # Requests to /leet/<path> are forwarded to hackerswithstyle.se with the
-  # required headers added server-side.
+  # commoserve.files.commodore.net also lacks CORS headers on AQL endpoints.
+  #
+  # Routes:
+  #   GET /leet/*          → https://hackerswithstyle.se/leet/*
+  #   GET /commoserve/*    → https://commoserve.files.commodore.net/leet/*

-  def _proxy_leet(self):
-    target = 'https://hackerswithstyle.se' + self.path
+  def _proxy_leet(self, target: str):
    try:
      req = urllib.request.Request(target, headers={
        'User-Agent': 'Assembly Query',
@ -870,6 +872,7 @@ class DAVRequestHandler(BaseHTTPRequestHandler):
        body = resp.read()
        ct   = resp.headers.get('Content-Type', 'application/octet-stream')
      self.send_response(200)
+      self.send_header('Access-Control-Allow-Origin', '*')
      self.send_header('Content-Type', ct)
      self.send_header('Content-Length', str(len(body)))
      self.end_headers()
@ -879,6 +882,7 @@ class DAVRequestHandler(BaseHTTPRequestHandler):
      _log('LEET', f'Proxy error: {self.path} → {e}')
      body = json.dumps({'error': str(e)}).encode('utf-8')
      self.send_response(502)
+      self.send_header('Access-Control-Allow-Origin', '*')
      self.send_header('Content-Type', 'application/json')
      self.send_header('Content-Length', str(len(body)))
      self.end_headers()
@ -890,7 +894,12 @@ class DAVRequestHandler(BaseHTTPRequestHandler):
      self._handle_websocket()
      return
    if self.path.startswith('/leet/'):
-      self._proxy_leet()
+      self._proxy_leet('https://hackerswithstyle.se' + self.path)
+      return
+    if self.path.startswith('/commoserve/'):
+      # /commoserve/search/categories → /leet/search/categories on commoserve server
+      leet_path = '/leet' + self.path[len('/commoserve'):]
+      self._proxy_leet('https://commoserve.files.commodore.net' + leet_path)
      return
    if self.WebAuth():
      return