Properly fix CORS in PO token web views #8203
Merged
+17
−1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
absidue
requested review from
ChunkyProgrammer,
MarmadileManteater,
PikachuEXE,
efb4f5ff-1298-471a-8973-3d47447115dc and
kommunarr
github-actions
bot
added
the
PR: waiting for review
efb4f5ff-1298-471a-8973-3d47447115dc
approved these changes
Oct 31, 2025
PikachuEXE
approved these changes
Nov 2, 2025
kommunarr
approved these changes
Nov 2, 2025
github-actions
bot
removed
the
PR: waiting for review
PikachuEXE
added a commit
to PikachuEXE/FreeTube
that referenced
this pull request
Nov 3, 2025
* development: (325 commits) Replace vue-portal dependency with Vue's built-in <Teleport> component (FreeTubeApp#8207) Update to Vue 3 (FreeTubeApp#8094) Translated using Weblate (Basque) Translated using Weblate (Hungarian) Translated using Weblate (Icelandic) Translated using Weblate (Turkish) Properly fix CORS in PO token web views (FreeTubeApp#8203) Translated using Weblate (Italian) Translated using Weblate (Norwegian Bokmål) Translated using Weblate (French) Configure nedb to always clean up corrupted data (FreeTubeApp#8202) Translated using Weblate (Portuguese (Brazil)) Add video paused check to frame shortcuts (FreeTubeApp#8200) Fix toast with timeout 0 will be displayed for default 3s (FreeTubeApp#8168) Translated using Weblate (Chinese (Simplified Han script)) Change containing text input limit (FreeTubeApp#8174) Translated using Weblate (Dutch) Add support for AppImageUpdate (FreeTubeApp#8153) Added New Window option to Tray (FreeTubeApp#7995) Translated using Weblate (Japanese) ...
PikachuEXE
added a commit
to PikachuEXE/FreeTube
that referenced
this pull request
Nov 3, 2025
* development: (21 commits) Replace vue-portal dependency with Vue's built-in <Teleport> component (FreeTubeApp#8207) Update to Vue 3 (FreeTubeApp#8094) Translated using Weblate (Basque) Translated using Weblate (Hungarian) Translated using Weblate (Icelandic) Translated using Weblate (Turkish) Properly fix CORS in PO token web views (FreeTubeApp#8203) Translated using Weblate (Italian) Translated using Weblate (Norwegian Bokmål) Translated using Weblate (French) Configure nedb to always clean up corrupted data (FreeTubeApp#8202) Translated using Weblate (Portuguese (Brazil)) Add video paused check to frame shortcuts (FreeTubeApp#8200) Fix toast with timeout 0 will be displayed for default 3s (FreeTubeApp#8168) Translated using Weblate (Chinese (Simplified Han script)) Change containing text input limit (FreeTubeApp#8174) Translated using Weblate (Dutch) Add support for AppImageUpdate (FreeTubeApp#8153) Added New Window option to Tray (FreeTubeApp#7995) Translated using Weblate (Japanese) ...
PikachuEXE
added a commit
to NishPatel101/FreeTube
that referenced
this pull request
Nov 3, 2025
* development: (38 commits) Replace vue-portal dependency with Vue's built-in <Teleport> component (FreeTubeApp#8207) Update to Vue 3 (FreeTubeApp#8094) Translated using Weblate (Basque) Translated using Weblate (Hungarian) Translated using Weblate (Icelandic) Translated using Weblate (Turkish) Properly fix CORS in PO token web views (FreeTubeApp#8203) Translated using Weblate (Italian) Translated using Weblate (Norwegian Bokmål) Translated using Weblate (French) Configure nedb to always clean up corrupted data (FreeTubeApp#8202) Translated using Weblate (Portuguese (Brazil)) Add video paused check to frame shortcuts (FreeTubeApp#8200) Fix toast with timeout 0 will be displayed for default 3s (FreeTubeApp#8168) Translated using Weblate (Chinese (Simplified Han script)) Change containing text input limit (FreeTubeApp#8174) Translated using Weblate (Dutch) Add support for AppImageUpdate (FreeTubeApp#8153) Added New Window option to Tray (FreeTubeApp#7995) Translated using Weblate (Japanese) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request Type
Description
Currently we set the webSecurity option to false in the PO token web views, which as the name implies disables various security features, this pull request switches to using the
webRequest.onHeadersReceivedcallback to override the CORS headers, so we no longer need to set webSecurity to false.Testing
Open a video and check that it plays.
Desktop