From f3399a87b438c37671487a9e6cef4d854c7766fc Mon Sep 17 00:00:00 2001 From: cottongin Date: Sat, 17 Jan 2026 13:39:10 -0500 Subject: [PATCH] cleanup --- CORS.md | 89 --------------------------------------------------------- 1 file changed, 89 deletions(-) delete mode 100644 CORS.md diff --git a/CORS.md b/CORS.md deleted file mode 100644 index 7a39535..0000000 --- a/CORS.md +++ /dev/null @@ -1,89 +0,0 @@ -For DreamHost hosting, the owner of `feed.falsefinish.club` can configure CORS headers using an `.htaccess` file in the root directory of the site (or in the specific directory serving the audio files). - -## Setting CORS Headers on DreamHost - -Create or edit the `.htaccess` file in the web root (typically `~/falsefinish.club/feed/` or wherever the audio files are served from) and add: - -```apache -# Enable CORS for echo-reality.com - - Header set Access-Control-Allow-Origin "https://echo-reality.com" - Header set Access-Control-Allow-Methods "GET, HEAD, OPTIONS" - Header set Access-Control-Expose-Headers "ETag, Last-Modified, Content-Length" - - -# Handle preflight OPTIONS requests - - RewriteEngine On - RewriteCond %{REQUEST_METHOD} OPTIONS - RewriteRule ^(.*)$ $1 [R=200,L] - -``` - -### If targeting specific file types only (recommended) - -To apply CORS headers only to audio files: - -```apache - - - Header set Access-Control-Allow-Origin "https://echo-reality.com" - Header set Access-Control-Allow-Methods "GET, HEAD, OPTIONS" - Header set Access-Control-Expose-Headers "ETag, Last-Modified, Content-Length" - - -``` - -### For multiple origins (if needed during development) - -If you need to allow both the production domain and a local development server: - -```apache - - SetEnvIf Origin "^https://(echo-reality\.com|localhost:3000)$" CORS_ORIGIN=$0 - Header set Access-Control-Allow-Origin "%{CORS_ORIGIN}e" env=CORS_ORIGIN - Header set Access-Control-Allow-Methods "GET, HEAD, OPTIONS" - Header set Access-Control-Expose-Headers "ETag, Last-Modified, Content-Length" - -``` - -### How to add the .htaccess file on DreamHost - -1. **Via SFTP/FTP**: Connect to the server using an FTP client (like FileZilla) and upload/edit the `.htaccess` file in the appropriate directory - -2. **Via DreamHost Panel File Manager**: Log into the DreamHost panel → Manage Websites → Files → navigate to the directory and create/edit `.htaccess` - -3. **Via SSH** (if enabled): SSH into the server and use a text editor like `nano` or `vim` - -### Important notes for DreamHost - -- DreamHost's shared hosting uses Apache, so `.htaccess` files work out of the box -- The `mod_headers` module is enabled by default on DreamHost -- Make sure the `.htaccess` file has proper permissions (644) -- Changes take effect immediately—no server restart needed - -### Testing the configuration - -After adding the `.htaccess` file, the owner can verify it's working by checking the response headers: - -```bash -curl -I -X OPTIONS -H "Origin: https://echo-reality.com" \ - "https://feed.falsefinish.club/Echo%20Reality/PINK%20FLIGHT/MP3%20BOUNCE/01.%20PINK%20FLIGHT%20ATTENDANT.mp3" -``` - -The response should include the `Access-Control-Allow-Origin: https://echo-reality.com` header. - -### Quick test `.htaccess` for DreamHost - -```apache -# TEMPORARY - Allow all origins for testing - - - Header set Access-Control-Allow-Origin "*" - Header set Access-Control-Allow-Methods "GET, HEAD, OPTIONS" - Header set Access-Control-Expose-Headers "ETag, Last-Modified, Content-Length" - - -``` - -This limits the wildcard CORS to just media files, which is a reasonable middle ground—your audio files are publicly accessible but you're not opening up everything on the domain. \ No newline at end of file