Merge pull request #2152 from thornbill/me-want-cookie

Add config option to include cookies in playback requests
2025-03-30 19:56:21 +00:00 · 2020-12-02 11:50:45 +09:00 · 2020-12-02 11:50:45 +09:00 · e189bc6041
commit e189bc6041
parent 6f1b3c8c9f efc43b42b8
4 changed files with 38 additions and 10 deletions
--- a/src/config.json
+++ b/src/config.json
@ -1,4 +1,5 @@
 {
+  "includeCorsCredentials": false,
  "multiserver": false,
  "themes": [
    {
--- a/src/plugins/htmlAudioPlayer/plugin.js
+++ b/src/plugins/htmlAudioPlayer/plugin.js
@ -3,6 +3,7 @@ import browser from '../../scripts/browser';
 import { appHost } from '../../components/apphost';
 import * as htmlMediaHelper from '../../components/htmlMediaHelper';
 import profileBuilder from '../../scripts/browserDeviceProfile';
+import { getIncludeCorsCredentials } from '../../scripts/settings/webSettings';

 function getDefaultProfile() {
    return profileBuilder({});
@ -129,9 +130,14 @@ class HtmlAudioPlayer {

            return enableHlsPlayer(val, options.item, options.mediaSource, 'Audio').then(function () {
                return new Promise(function (resolve, reject) {
-                    requireHlsPlayer(function () {
+                    requireHlsPlayer(async () => {
+                        const includeCorsCredentials = await getIncludeCorsCredentials();
+
                        const hls = new Hls({
-                            manifestLoadingTimeOut: 20000
+                            manifestLoadingTimeOut: 20000,
+                            xhrSetup: function (xhr, url) {
+                                xhr.withCredentials = includeCorsCredentials;
+                            }
                        });
                        hls.loadSource(val);
                        hls.attachMedia(elem);
@ -143,11 +149,14 @@ class HtmlAudioPlayer {
                        self._currentSrc = val;
                    });
                });
-            }, function () {
+            }, async () => {
                elem.autoplay = true;

-                // Safari will not send cookies without this
-                elem.crossOrigin = 'use-credentials';
+                const includeCorsCredentials = await getIncludeCorsCredentials();
+                if (includeCorsCredentials) {
+                    // Safari will not send cookies without this
+                    elem.crossOrigin = 'use-credentials';
+                }

                return htmlMediaHelper.applySrc(elem, val, options).then(function () {
                    self._currentSrc = val;
--- a/src/plugins/htmlVideoPlayer/plugin.js
+++ b/src/plugins/htmlVideoPlayer/plugin.js
@ -28,6 +28,7 @@ import Screenfull from 'screenfull';
 import globalize from '../../scripts/globalize';
 import ServerConnections from '../../components/ServerConnections';
 import profileBuilder from '../../scripts/browserDeviceProfile';
+import { getIncludeCorsCredentials } from '../../scripts/settings/webSettings';

 /* eslint-disable indent */

@ -382,7 +383,7 @@ function tryRemoveElement(elem) {
         */
        setSrcWithHlsJs(elem, options, url) {
            return new Promise((resolve, reject) => {
-                requireHlsPlayer(() => {
+                requireHlsPlayer(async () => {
                    let maxBufferLength = 30;
                    let maxMaxBufferLength = 600;

@ -395,10 +396,15 @@ function tryRemoveElement(elem) {
                        maxMaxBufferLength = 6;
                    }

+                    const includeCorsCredentials = await getIncludeCorsCredentials();
+
                    const hls = new Hls({
                        manifestLoadingTimeOut: 20000,
                        maxBufferLength: maxBufferLength,
-                        maxMaxBufferLength: maxMaxBufferLength
+                        maxMaxBufferLength: maxMaxBufferLength,
+                        xhrSetup(xhr) {
+                            xhr.withCredentials = includeCorsCredentials;
+                        }
                    });
                    hls.loadSource(url);
                    hls.attachMedia(elem);
@ -416,7 +422,7 @@ function tryRemoveElement(elem) {
        /**
         * @private
         */
-        setCurrentSrc(elem, options) {
+        async setCurrentSrc(elem, options) {
            elem.removeEventListener('error', this.onError);

            let val = options.url;
@ -456,8 +462,11 @@ function tryRemoveElement(elem) {
            } else {
                elem.autoplay = true;

-                // Safari will not send cookies without this
-                elem.crossOrigin = 'use-credentials';
+                const includeCorsCredentials = await getIncludeCorsCredentials();
+                if (includeCorsCredentials) {
+                    // Safari will not send cookies without this
+                    elem.crossOrigin = 'use-credentials';
+                }

                return applySrc(elem, val, options).then(() => {
                    this.#currentSrc = val;
--- a/src/scripts/settings/webSettings.js
+++ b/src/scripts/settings/webSettings.js
@ -76,6 +76,15 @@ async function getDefaultConfig() {
    }
 }

+export function getIncludeCorsCredentials() {
+    return getConfig()
+        .then(config => config.includeCorsCredentials)
+        .catch(error => {
+            console.log('cannot get web config:', error);
+            return false;
+        });
+}
+
 export function getMultiServer() {
    return getConfig().then(config => {
        return config.multiserver;