From eb552c937e6b85d383895c6ea976fe169e7e192b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miko=C5=82aj=20Florczak?= <84631301+florczaq@users.noreply.github.com> Date: Wed, 24 Sep 2025 18:14:26 +0200 Subject: [PATCH 1/2] Add localhost to origin --- src/main/java/org/pkwmtt/files/apk/ApkController.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/org/pkwmtt/files/apk/ApkController.java b/src/main/java/org/pkwmtt/files/apk/ApkController.java index 9a38620..49ed22e 100644 --- a/src/main/java/org/pkwmtt/files/apk/ApkController.java +++ b/src/main/java/org/pkwmtt/files/apk/ApkController.java @@ -24,6 +24,7 @@ public ResponseEntity download () throws IOException { .ok() .contentType(MediaType.parseMediaType("application/vnd.android.package-archive")) .header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=PKWM_App.apk") + .header(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, "https://pkwmapp.pl", "http://localhost:3000") .body(apkService.getApkResource()); } From 85400851967e7ab6bd56cd4867d0928128e506e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miko=C5=82aj=20Florczak?= <84631301+florczaq@users.noreply.github.com> Date: Wed, 24 Sep 2025 18:14:26 +0200 Subject: [PATCH 2/2] Add localhost to origin --- .../org/pkwmtt/files/apk/ApkController.java | 24 ++++++++++++++----- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/src/main/java/org/pkwmtt/files/apk/ApkController.java b/src/main/java/org/pkwmtt/files/apk/ApkController.java index 9a38620..2b8688a 100644 --- a/src/main/java/org/pkwmtt/files/apk/ApkController.java +++ b/src/main/java/org/pkwmtt/files/apk/ApkController.java @@ -1,7 +1,9 @@ package org.pkwmtt.files.apk; +import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; import org.springframework.core.io.UrlResource; +import org.springframework.http.ContentDisposition; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; @@ -10,6 +12,7 @@ import org.springframework.web.bind.annotation.RestController; import java.io.IOException; +import java.util.List; @RequestMapping("${apiPrefix}/apk") @RestController @@ -19,12 +22,21 @@ public class ApkController { private final ApkService apkService; @GetMapping("/download") - public ResponseEntity download () throws IOException { - return ResponseEntity - .ok() - .contentType(MediaType.parseMediaType("application/vnd.android.package-archive")) - .header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=PKWM_App.apk") - .body(apkService.getApkResource()); + public ResponseEntity download (HttpServletRequest request) throws IOException { + String origin = request.getHeader("Origin"); + List allowedOrigins = List.of("https://pkwmapp.pl", "http://localhost:3000"); + + HttpHeaders headers = new HttpHeaders(); + headers.setContentType(MediaType.parseMediaType("application/vnd.android.package-archive")); + headers.setContentDisposition(ContentDisposition.attachment().filename("PKWM_App.apk").build()); + + if (allowedOrigins.contains(origin)) { + headers.set("Access-Control-Allow-Origin", origin); + } + + return ResponseEntity.ok() + .headers(headers) + .body(apkService.getApkResource()); } @GetMapping("/version")