From 4f6d82bc7b2d313683ee2c997a6bb8740c50a79c Mon Sep 17 00:00:00 2001 From: Web-serfer Date: Mon, 27 Apr 2026 20:55:33 +0500 Subject: [PATCH] Add CORS headers to fix 403 --- frontend/src/pages/api/increment-views.ts | 38 +++++++++++++---------- frontend/src/pages/api/test-post.ts | 16 +++++++++- 2 files changed, 37 insertions(+), 17 deletions(-) diff --git a/frontend/src/pages/api/increment-views.ts b/frontend/src/pages/api/increment-views.ts index b2d8e48..c7e9986 100644 --- a/frontend/src/pages/api/increment-views.ts +++ b/frontend/src/pages/api/increment-views.ts @@ -39,27 +39,39 @@ async function pbRequest(method: string, path: string, body?: object) { return JSON.parse(err) || {}; } +function jsonResponse(data: object, status = 200): Response { + return new Response(JSON.stringify(data), { + status, + headers: { 'Content-Type': 'application/json', 'Access-Control-Allow-Origin': '*' } + }); +} + export const POST: APIRoute = async ({ request, url }) => { + if (request.method === 'OPTIONS') { + return new Response(null, { + status: 204, + headers: { + 'Access-Control-Allow-Origin': '*', + 'Access-Control-Allow-Methods': 'POST, OPTIONS', + 'Access-Control-Allow-Headers': 'Content-Type', + } + }); + } + console.log('[Increment Views] PB_URL:', POCKETBASE_URL); try { const postId = url.searchParams.get('postId'); if (!postId || !POCKETBASE_ID_REGEX.test(postId)) { - return new Response( - JSON.stringify({ error: 'Некорректный postId' }), - { status: 400, headers: { 'Content-Type': 'application/json' } } - ); + return jsonResponse({ error: 'Некорректный postId' }, 400); } let post; try { post = await pbRequest('GET', `/api/collections/posts/records/${postId}`); } catch { - return new Response( - JSON.stringify({ error: 'Пост не найден' }), - { status: 404, headers: { 'Content-Type': 'application/json' } } - ); + return jsonResponse({ error: 'Пост не найден' }, 404); } const ip = getClientIp(request); @@ -107,16 +119,10 @@ export const POST: APIRoute = async ({ request, url }) => { } } - return new Response( - JSON.stringify({ views: totalViews, isNewView }), - { status: 200, headers: { 'Content-Type': 'application/json' } } - ); + return jsonResponse({ views: totalViews, isNewView }, 200); } catch (error) { console.error('[Increment Views] Error:', error); - return new Response( - JSON.stringify({ error: 'Внутренняя ошибка сервера' }), - { status: 500, headers: { 'Content-Type': 'application/json' } } - ); + return jsonResponse({ error: 'Внутренняя ошибка сервера' }, 500); } }; \ No newline at end of file diff --git a/frontend/src/pages/api/test-post.ts b/frontend/src/pages/api/test-post.ts index 0d38eba..d1d857c 100644 --- a/frontend/src/pages/api/test-post.ts +++ b/frontend/src/pages/api/test-post.ts @@ -1,6 +1,17 @@ import type { APIRoute } from 'astro'; export const POST: APIRoute = async ({ request, url }) => { + if (request.method === 'OPTIONS') { + return new Response(null, { + status: 204, + headers: { + 'Access-Control-Allow-Origin': '*', + 'Access-Control-Allow-Methods': 'POST, OPTIONS', + 'Access-Control-Allow-Headers': 'Content-Type', + } + }); + } + const params = Object.fromEntries(url.searchParams.entries()); return new Response(JSON.stringify({ @@ -9,6 +20,9 @@ export const POST: APIRoute = async ({ request, url }) => { url: request.url, }), { status: 200, - headers: { 'Content-Type': 'application/json' } + headers: { + 'Content-Type': 'application/json', + 'Access-Control-Allow-Origin': '*', + } }); }; \ No newline at end of file