From c5bcc25c97c9e244c17771d16b2f08bcb931b8e3 Mon Sep 17 00:00:00 2001 From: Gustavo Ocanto Date: Fri, 25 Jul 2025 11:18:48 +0800 Subject: [PATCH 1/2] wip --- caddy/Caddyfile.local | 4 ++-- caddy/Caddyfile.prod | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/caddy/Caddyfile.local b/caddy/Caddyfile.local index b2013e35..8fc0cc48 100644 --- a/caddy/Caddyfile.local +++ b/caddy/Caddyfile.local @@ -16,7 +16,7 @@ header { Access-Control-Allow-Origin "http://localhost:5173" # allows the Vue app (running on localhost:5173) to make requests. Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" # Specifies which methods are allowed. - Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent" # allows the custom headers needed by the API. + Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent, If-None-Match" # allows the custom headers needed by the API. } # This handles the browser's "preflight" OPTIONS request. @@ -29,7 +29,7 @@ # Reflect the Origin back so it's always allowed header Access-Control-Allow-Origin "{http.request.header.Origin}" header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" - header Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent" + header Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent, If-None-Match" header Access-Control-Max-Age "86400" respond 204 } diff --git a/caddy/Caddyfile.prod b/caddy/Caddyfile.prod index 07a90b9e..4024d938 100644 --- a/caddy/Caddyfile.prod +++ b/caddy/Caddyfile.prod @@ -34,7 +34,7 @@ oullin.io { header { Access-Control-Allow-Origin "https://oullin.io" Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" - Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent" + Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent, If-None-Match" } @preflight { @@ -46,7 +46,7 @@ oullin.io { # Reflect the Origin back so it's always allowed header Access-Control-Allow-Origin "{http.request.header.Origin}" header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" - header Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent" + header Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent, If-None-Match" header Access-Control-Max-Age "86400" respond 204 } From c4e0091696115ee13af7db3967861413693ef61e Mon Sep 17 00:00:00 2001 From: Gustavo Ocanto Date: Fri, 25 Jul 2025 11:44:27 +0800 Subject: [PATCH 2/2] ETag --- caddy/Caddyfile.local | 1 + caddy/Caddyfile.prod | 1 + 2 files changed, 2 insertions(+) diff --git a/caddy/Caddyfile.local b/caddy/Caddyfile.local index 8fc0cc48..df3fe4b7 100644 --- a/caddy/Caddyfile.local +++ b/caddy/Caddyfile.local @@ -17,6 +17,7 @@ Access-Control-Allow-Origin "http://localhost:5173" # allows the Vue app (running on localhost:5173) to make requests. Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" # Specifies which methods are allowed. Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent, If-None-Match" # allows the custom headers needed by the API. + Access-Control-Expose-Headers "ETag" } # This handles the browser's "preflight" OPTIONS request. diff --git a/caddy/Caddyfile.prod b/caddy/Caddyfile.prod index 4024d938..70c09835 100644 --- a/caddy/Caddyfile.prod +++ b/caddy/Caddyfile.prod @@ -35,6 +35,7 @@ oullin.io { Access-Control-Allow-Origin "https://oullin.io" Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" Access-Control-Allow-Headers "X-API-Key, X-API-Username, X-API-Signature, Content-Type, User-Agent, If-None-Match" + Access-Control-Expose-Headers "ETag" } @preflight {