Mirror
/
remotely-save
mirror of https://github.com/remotely-save/remotely-save.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'moritzlang-add-apache-example-conf'

This commit is contained in:
fyears 2022-04-27 23:39:26 +08:00
parent b0d41478a3 8d25ddb636
commit 6db005018d
2 changed files with 31 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
docs/apache_cors_configure.md Normal file
View File

@ -0,0 +1,25 @@
# How To Configure Apache CORS Rules for Webdav
This method is [contributed by community](https://github.com/remotely-save/remotely-save/pull/31).
You should evaluate the risk by yourself before trying this method.
**You are strongly advised to backup your original Apache configuration files before making any changes.**
```apacheconf
<IfModule mod_headers.c>
# Obsidian webdav
SetEnvIf Origin "^app://obsidian.md$" IS_OBSIDIAN
SetEnvIf Origin "^capacitor://localhost$" IS_OBSIDIAN
SetEnvIf Origin "^http://localhost$" IS_OBSIDIAN
Header always set Access-Control-Allow-Origin "*" env=IS_OBSIDIAN
Header always set Access-Control-Allow-Methods "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK, PROPFIND" env=IS_OBSIDIAN
Header always set Access-Control-Allow-Headers "Authorization, Depth, DNT, User-Agent, Keep-Alive, Content-Type, accept, origin, X-Requested-With" env=IS_OBSIDIAN
Header always set Access-Control-Expose-Headers "etag, dav" env=IS_OBSIDIAN
# Allow OPTION request without authentication and respond with status 200
RewriteCond %{ENV:IS_OBSIDIAN} 1
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</IfModule>
```

8
docs/browser_env_cors.md
View File

@ -4,6 +4,10 @@ The plugin is developed for the browser environment. The "fake" browser behind t
[MDN has a doc about CORS.](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)
From Obsidian desktop >= 0.13.25 or mobile >= 1.1.1, Obsidian [provides a new API `requiestUrl`](https://forum.obsidian.md/t/obsidian-release-v0-13-25-insider-build/32701), that allows the plugin to fully bypass the CORS issue. As of Mar 2022, the latest public-released Obsidian desktop has supported this API, but the Obsidian mobile still stays in insider.
1. From Obsidian desktop >= 0.13.25 or mobile >= 1.1.1, Obsidian [provides a new API `requiestUrl`](https://forum.obsidian.md/t/obsidian-release-v0-13-25-insider-build/32701), that allows the plugin to fully bypass the CORS issue. As of Mar 2022, the latest public-released Obsidian desktop has supported this API, but the Obsidian mobile still stays in insider.
For using this plugin in Obsidian desktop < 0.13.25 or mobile < 1.1.1, we need to configure the server side to return the header `Access-Control-Allow-Origin` allowing the origins `app://obsidian.md` and `capacitor://localhost` and `http://localhost`. Here is an example [configuration for Amazon S3](./s3_cors_configure.md).
2. For using this plugin in Obsidian desktop < 0.13.25 or mobile < 1.1.1, we need to configure the server side to return the header `Access-Control-Allow-Origin` allowing the origins `app://obsidian.md` and `capacitor://localhost` and `http://localhost`.
Example configurations:
- [Amazon S3](./s3_cors_configure.md)
- [Apache](./apache_cors_configure.md) ([contributed by community](https://github.com/remotely-save/remotely-save/pull/31))