fix: expose ratelimit headers via cors (#496)

This commit is contained in:
Angelo Kontaxis
2026-01-25 19:43:06 +00:00
committed by GitHub
parent 0dc5442498
commit a1a21252d0
5 changed files with 34 additions and 1 deletions

1
Cargo.lock generated
View File

@@ -6784,6 +6784,7 @@ dependencies = [
"serde", "serde",
"serde_json", "serde_json",
"tokio 1.47.1", "tokio 1.47.1",
"tower-http 0.5.2",
"tracing", "tracing",
"utoipa", "utoipa",
"utoipa-scalar", "utoipa-scalar",

View File

@@ -70,6 +70,15 @@ pub async fn web() -> Rocket<Build> {
.iter() .iter()
.map(|s| FromStr::from_str(s).unwrap()) .map(|s| FromStr::from_str(s).unwrap())
.collect(), .collect(),
expose_headers: [
"X-Ratelimit-Limit",
"X-Ratelimit-Bucket",
"X-Ratelimit-Remaining",
"X-Ratelimit-Reset-After",
]
.iter()
.map(|s| s.to_string())
.collect(),
..Default::default() ..Default::default()
} }
.to_cors() .to_cors()

View File

@@ -34,6 +34,12 @@ pub async fn router() -> Router<AppState> {
let cors = CorsLayer::new() let cors = CorsLayer::new()
.allow_methods([Method::POST]) .allow_methods([Method::POST])
.allow_headers(AllowHeaders::mirror_request()) .allow_headers(AllowHeaders::mirror_request())
.expose_headers(vec![
"X-RateLimit-Limit".try_into().unwrap(),
"X-RateLimit-Bucket".try_into().unwrap(),
"X-RateLimit-Remaining".try_into().unwrap(),
"X-RateLimit-Reset-After".try_into().unwrap(),
])
.allow_origin(Any); .allow_origin(Any);
Router::new() Router::new()

View File

@@ -36,6 +36,7 @@ revolt-ratelimits = { version = "0.9.4", path = "../../core/ratelimits", feature
# Axum / web server # Axum / web server
axum = { version = "0.7.5" } axum = { version = "0.7.5" }
axum-extra = { version = "0.9", features = ["typed-header"] } axum-extra = { version = "0.9", features = ["typed-header"] }
tower-http = { version = "0.5.2", features = ["cors"] }
# OpenAPI & documentation generation # OpenAPI & documentation generation
utoipa-scalar = { version = "0.1.0", features = ["axum"] } utoipa-scalar = { version = "0.1.0", features = ["axum"] }

View File

@@ -1,5 +1,9 @@
use crate::AppState; use crate::AppState;
use axum::routing::{get, Router}; use axum::{
http::Method,
routing::{get, Router},
};
use tower_http::cors::{AllowHeaders, Any, CorsLayer};
pub mod categories; pub mod categories;
pub mod root; pub mod root;
@@ -7,9 +11,21 @@ pub mod search;
pub mod trending; pub mod trending;
pub fn router() -> Router<AppState> { pub fn router() -> Router<AppState> {
let cors = CorsLayer::new()
.allow_methods([Method::GET])
.allow_headers(AllowHeaders::mirror_request())
.expose_headers(vec![
"X-RateLimit-Limit".try_into().unwrap(),
"X-RateLimit-Bucket".try_into().unwrap(),
"X-RateLimit-Remaining".try_into().unwrap(),
"X-RateLimit-Reset-After".try_into().unwrap(),
])
.allow_origin(Any);
Router::new() Router::new()
.route("/", get(root::root)) .route("/", get(root::root))
.route("/categories", get(categories::categories)) .route("/categories", get(categories::categories))
.route("/search", get(search::search)) .route("/search", get(search::search))
.route("/trending", get(trending::trending)) .route("/trending", get(trending::trending))
.layer(cors)
} }