Monorepo for Aesthetic.Computer
aesthetic.computer
lith/Caddyfile: restore Caddy-side CORS on ipfs gateway
Turns out Kubo doesn't emit Access-Control-Allow-Origin by default; only the
other access-control-* headers. Previous pass-through commit left the gateway
with zero CORS header. Re-add it at the Caddy layer.
The original "*, *" dupe was Cloudflare (or a WAF Transform Rule) stacking on
top of Caddy, not Kubo. If the dupe returns, fix it at Cloudflare.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
+5
-3
+5
-3
lith/Caddyfile
+5
-3
lith/Caddyfile
···
133
133
}
134
134
135
135
# --- ipfs.aesthetic.computer (self-hosted IPFS gateway) ---
136
-
# Kubo's gateway already emits a single Access-Control-Allow-Origin: *,
137
-
# so we pass it through unmodified. An earlier Caddy-level `header`
138
-
# directive added a second copy, producing "*, *" which browsers reject.
136
+
# Kubo doesn't emit Access-Control-Allow-Origin on its own, so Caddy sets it.
137
+
# The earlier "*, *" dupe came from Cloudflare (or a WAF rule) adding its
138
+
# own header on top of Caddy's — if that comes back, disable the CF
139
+
# Transform Rule rather than stripping here.
139
140
@ipfs host ipfs.aesthetic.computer
140
141
handle @ipfs {
142
+
header Access-Control-Allow-Origin *
141
143
reverse_proxy localhost:8090
142
144
}
143
145