HTTP: Add CORS Header for private network access. v6.0.13 (#3363)

Co-authored-by: winlin <winlin@vip.126.com>
2025-02-13 11:51:57 +00:00 · 2023-01-06 15:02:53 +08:00 · 2023-01-06 15:02:53 +08:00 · eeb42f7e4a
commit eeb42f7e4a
parent 35e01906f2
3 changed files with 4 additions and 1 deletions
--- a/trunk/doc/CHANGELOG.md
+++ b/trunk/doc/CHANGELOG.md
@ -8,6 +8,7 @@ The changelog for SRS.

 ## SRS 6.0 Changelog

+* v6.0, 2023-01-06, Merge [#3363](https://github.com/ossrs/srs/issues/3363): HTTP: Add CORS Header for private network access. v6.0.13
 * v6.0, 2023-01-04, Merge [#3362](https://github.com/ossrs/srs/issues/3362): SRT: Upgrade libsrt from 1.4.1 to 1.5.1. v6.0.12
 * v6.0, 2023-01-02, For [#465](https://github.com/ossrs/srs/issues/465): HLS: Support HEVC over HLS. v6.0.11
 * v6.0, 2022-12-30, Support first SRS6 version. v6.0.10
--- a/trunk/src/core/srs_core_version6.hpp
+++ b/trunk/src/core/srs_core_version6.hpp
@ -9,6 +9,6 @@

 #define VERSION_MAJOR       6
 #define VERSION_MINOR       0
-#define VERSION_REVISION    12
+#define VERSION_REVISION    13

 #endif
--- a/trunk/src/protocol/srs_protocol_http_stack.cpp
+++ b/trunk/src/protocol/srs_protocol_http_stack.cpp
@ -906,6 +906,8 @@ srs_error_t SrsHttpCorsMux::serve_http(ISrsHttpResponseWriter* w, ISrsHttpMessag
        // https://stackoverflow.com/a/24689738/17679565
        // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
        h->set("Access-Control-Allow-Credentials", "false");
+        // CORS header for private network access, starting in Chrome 104
+        h->set("Access-Control-Request-Private-Network", "true");
    }
    
    // handle the http options.