From 3ba925ebae633badba743e8181da75c031f13319 Mon Sep 17 00:00:00 2001
From: Erb3 <49862976+Erb3@users.noreply.github.com>
Date: Sat, 25 Jan 2025 20:32:42 +0100
Subject: [PATCH] fix(labrinth): cors headers on ratelimited

Kinda hotfix.

Fixes #2591
Fixes #2529
---
 apps/labrinth/src/util/cors.rs      | 1 +
 apps/labrinth/src/util/ratelimit.rs | 9 +++++++++
 2 files changed, 10 insertions(+)

diff --git a/apps/labrinth/src/util/cors.rs b/apps/labrinth/src/util/cors.rs
index 5f35b2bc5..15bd1c632 100644
--- a/apps/labrinth/src/util/cors.rs
+++ b/apps/labrinth/src/util/cors.rs
@@ -1,5 +1,6 @@
 use actix_cors::Cors;
 
+// Updating this? Remember to update the ratelimit CORS too!
 pub fn default_cors() -> Cors {
     Cors::default()
         .allow_any_origin()
diff --git a/apps/labrinth/src/util/ratelimit.rs b/apps/labrinth/src/util/ratelimit.rs
index f20fb51f3..aa3fd81ff 100644
--- a/apps/labrinth/src/util/ratelimit.rs
+++ b/apps/labrinth/src/util/ratelimit.rs
@@ -168,6 +168,15 @@ where
                         wait_time.as_secs().into(),
                     );
 
+                    // TODO: Sentralize CORS in the CORS util.
+                    headers.insert(
+                        actix_web::http::header::HeaderName::from_str(
+                            "Access-Control-Allow-Origin",
+                        )
+                        .unwrap(),
+                        "*".parse().unwrap(),
+                    );
+
                     Box::pin(async {
                         Ok(req.into_response(response.map_into_right_body()))
                     })