From 432b7b526a01b20d5f86f4e34ba83ad904b34e14 Mon Sep 17 00:00:00 2001
From: leko <rexx0520@gmail.com>
Date: Sun, 6 Oct 2024 00:44:09 +0800
Subject: [PATCH 1/4] feat: add no-cors mode for reverse_proxy method

---
 README.md | 15 ++++++++++++---
 ede.js    | 11 ++++++++---
 2 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index b87a2ba..e5218af 100644
--- a/README.md
+++ b/README.md
@@ -83,14 +83,23 @@ sub_filter_once on;
 # 网站设置
 example.com {
     filter {
-        path .*/web/.*
+        path /web/.*
         search_pattern </body>
-        replacement "<script src=\"https://jellyfin-danmaku.pages.dev/ede.user.js\" defer></script></body>"
+        replacement "<script src=\"https://jellyfin-danmaku.pages.dev/ede.user.js?noCors=1\" defer></script></body>"
         content_type text/html
     }
-    reverse_proxy localhost:8096 {
+    reverse_proxy / localhost:8096 {
         header_up Accept-Encoding identity
     }
+
+    reverse_proxy /ddplay-api/* https://api.dandanplay.net {
+        rewrite * /{path.1}
+    }
+    header /ddplay-api/* {
+        Access-Control-Allow-Origin "example.com"
+        Access-Control-Allow-Methods "GET, POST, OPTIONS"
+        Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization"
+    }
 }
 ```
 
diff --git a/ede.js b/ede.js
index 858e3d6..8e624f0 100644
--- a/ede.js
+++ b/ede.js
@@ -3,7 +3,7 @@
 // @description  Jellyfin弹幕插件
 // @namespace    https://github.com/RyoLee
 // @author       RyoLee
-// @version      1.46
+// @version      1.47
 // @copyright    2022, RyoLee (https://github.com/RyoLee)
 // @license      MIT; https://raw.githubusercontent.com/Izumiko/jellyfin-danmaku/jellyfin/LICENSE
 // @icon         https://github.githubassets.com/pinned-octocat.svg
@@ -25,10 +25,15 @@
     }
     // ------ configs start------
     const isInTampermonkey = !(typeof GM_xmlhttpRequest === 'undefined');
+    const isLocalCors = (!isInTampermonkey && document.currentScript?.src) ? new URL(document.currentScript?.src).searchParams.has("noCors") : false;
     const corsProxy = 'https://ddplay-api.930524.xyz/cors/';
-    const apiPrefix = isInTampermonkey ? 'https://api.dandanplay.net' : corsProxy + 'https://api.dandanplay.net';
+    const apiPrefix = isInTampermonkey 
+        ? 'https://api.dandanplay.net' 
+        : isLocalCors
+            ? `${window.location.origin}/ddplay-api`
+            : corsProxy + 'https://api.dandanplay.net';
     // const apiPrefix = 'https://api.930524.xyz';
-    const authPrefix = corsProxy + 'https://api.dandanplay.net';  // 在Worker上计算Hash
+    const authPrefix = isLocalCors ? apiPrefix : corsProxy + 'https://api.dandanplay.net';  // 在Worker上计算Hash
     let ddplayStatus = JSON.parse(localStorage.getItem('ddplayStatus')) || { isLogin: false, token: '', tokenExpire: 0 };
     const check_interval = 200;
     // 0:当前状态关闭 1:当前状态打开

From 848284ac21a0c668d5b8a5dd1e400dba9c349163 Mon Sep 17 00:00:00 2001
From: leko <rexx0520@gmail.com>
Date: Sun, 6 Oct 2024 01:00:20 +0800
Subject: [PATCH 2/4] fox: no-cors readme

---
 README.md | 33 +++++++++++++++++++++++++--------
 1 file changed, 25 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index e5218af..89b8437 100644
--- a/README.md
+++ b/README.md
@@ -64,10 +64,28 @@
 
 ```conf
 proxy_set_header Accept-Encoding "";
-sub_filter '</body>' '<script src="https://jellyfin-danmaku.pages.dev/ede.user.js" defer></script></body>';
+sub_filter '</body>' '<script src="https://jellyfin-danmaku.pages.dev/ede.user.js?noCors=1" defer></script></body>';
 sub_filter_once on;
 ```
 
+並加入一個新的 location 塊:
+```conf
+location /ddplay-api/ {
+    proxy_pass https://api.dandanplay.net/;
+    proxy_set_header Host $host;
+
+    add_header Access-Control-Allow-Origin "example.com";
+    add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
+    add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization";
+
+    if ($request_method = OPTIONS) {
+        add_header Content-Length 0;
+        add_header Content-Type text/plain;
+        return 204;
+    }
+}
+```
+
 - [`完整示例`](https://github.com/Izumiko/jellyfin-danmaku/issues/8)
 
 #### 2.2 Caddy
@@ -92,13 +110,12 @@ example.com {
         header_up Accept-Encoding identity
     }
 
-    reverse_proxy /ddplay-api/* https://api.dandanplay.net {
-        rewrite * /{path.1}
-    }
-    header /ddplay-api/* {
-        Access-Control-Allow-Origin "example.com"
-        Access-Control-Allow-Methods "GET, POST, OPTIONS"
-        Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization"
+    handle_path /ddplay-api/* {
+        reverse_proxy https://api.dandanplay.net {
+            header_down Access-Control-Allow-Origin "example.com"
+            header_down Access-Control-Allow-Methods "GET, POST, OPTIONS"
+            header_down Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization"
+        }
     }
 }
 ```

From a7462f58d0c920356b92f8ed6a7d8f34daecb137 Mon Sep 17 00:00:00 2001
From: leko <leko@leko.moe>
Date: Sun, 6 Oct 2024 13:43:39 +0800
Subject: [PATCH 3/4] fix: typo

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 89b8437..f4443fa 100644
--- a/README.md
+++ b/README.md
@@ -106,7 +106,7 @@ example.com {
         replacement "<script src=\"https://jellyfin-danmaku.pages.dev/ede.user.js?noCors=1\" defer></script></body>"
         content_type text/html
     }
-    reverse_proxy / localhost:8096 {
+    reverse_proxy localhost:8096 {
         header_up Accept-Encoding identity
     }
 

From 4b81f34b442d23e2007da0f62a67333882b4541d Mon Sep 17 00:00:00 2001
From: leko <rexx0520@gmail.com>
Date: Sun, 6 Oct 2024 15:14:32 +0800
Subject: [PATCH 4/4] fix: fallback login API to worker on no-cors mode

---
 README.md | 34 +++++++++++++++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index f4443fa..be1ae0c 100644
--- a/README.md
+++ b/README.md
@@ -68,7 +68,7 @@ sub_filter '</body>' '<script src="https://jellyfin-danmaku.pages.dev/ede.user.j
 sub_filter_once on;
 ```
 
-並加入一個新的 location 塊:
+並加入新的 location 塊:
 ```conf
 location /ddplay-api/ {
     proxy_pass https://api.dandanplay.net/;
@@ -84,6 +84,30 @@ location /ddplay-api/ {
         return 204;
     }
 }
+
+location /ddplay-api/ {
+    proxy_pass https://api.dandanplay.net/;
+    proxy_set_header Host $host;
+
+    add_header Access-Control-Allow-Origin "example.com";
+    add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
+    add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization";
+
+    if ($request_method = OPTIONS) {
+        add_header Content-Length 0;
+        add_header Content-Type text/plain;
+        return 204;
+    }
+}
+
+location /ddplay-api/api/v2/login {
+    proxy_pass https://jellyfin-danmaku.pages.dev;
+    proxy_set_header Host $host;
+
+    add_header Access-Control-Allow-Origin "example.com";
+    add_header Access-Control-Allow-Methods "POST, OPTIONS";
+    add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization";
+}
 ```
 
 - [`完整示例`](https://github.com/Izumiko/jellyfin-danmaku/issues/8)
@@ -110,6 +134,14 @@ example.com {
         header_up Accept-Encoding identity
     }
 
+    handle_path /ddplay-api/api/v2/login* {
+        reverse_proxy https://jellyfin-danmaku.pages.dev {
+            header_down Access-Control-Allow-Origin "example.com"
+            header_down Access-Control-Allow-Methods "POST, OPTIONS"
+            header_down Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization"
+        }
+    }
+
     handle_path /ddplay-api/* {
         reverse_proxy https://api.dandanplay.net {
             header_down Access-Control-Allow-Origin "example.com"