diff options
author | Rigel Kent <sendmemail@rigelk.eu> | 2021-05-12 21:21:52 +0200 |
---|---|---|
committer | Rigel Kent <sendmemail@rigelk.eu> | 2021-05-12 21:21:52 +0200 |
commit | 0ae3ebb03edf8b6a6d74666f006d7373e393e40d (patch) | |
tree | 1144dee0adcce84d624c8b4c1103bf807582b85a /support/doc/api/openapi.yaml | |
parent | c158a5faabb8ef0bc5d121fda4522d63603e8bc5 (diff) | |
download | PeerTube-0ae3ebb03edf8b6a6d74666f006d7373e393e40d.tar.gz PeerTube-0ae3ebb03edf8b6a6d74666f006d7373e393e40d.tar.zst PeerTube-0ae3ebb03edf8b6a6d74666f006d7373e393e40d.zip |
add cors section in openapi spec
Diffstat (limited to 'support/doc/api/openapi.yaml')
-rw-r--r-- | support/doc/api/openapi.yaml | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/support/doc/api/openapi.yaml b/support/doc/api/openapi.yaml index f99d49fef..d8597d618 100644 --- a/support/doc/api/openapi.yaml +++ b/support/doc/api/openapi.yaml | |||
@@ -66,12 +66,12 @@ info: | |||
66 | 66 | ||
67 | We are rate-limiting all endpoints of PeerTube's API. Custom values can be set by administrators: | 67 | We are rate-limiting all endpoints of PeerTube's API. Custom values can be set by administrators: |
68 | 68 | ||
69 | | Endpoint | Calls | Time frame | | 69 | | Endpoint (prefix: `/api/v1`) | Calls | Time frame | |
70 | |-------------------------|------------------|---------------------------| | 70 | |------------------------------|---------------|--------------| |
71 | | `/*` | 50 | 10 seconds | | 71 | | `/*` | 50 | 10 seconds | |
72 | | `POST /users/token` | 15 | 5 minutes | | 72 | | `POST /users/token` | 15 | 5 minutes | |
73 | | `POST /users/register` | 2<sup>*</sup> | 5 minutes | | 73 | | `POST /users/register` | 2<sup>*</sup> | 5 minutes | |
74 | | `POST /users/ask-send-verify-email` | 3 | 5 minutes | | 74 | | `POST /users/ask-send-verify-email` | 3 | 5 minutes | |
75 | 75 | ||
76 | Depending on the endpoint, <sup>*</sup>failed requests are not taken into account. A service | 76 | Depending on the endpoint, <sup>*</sup>failed requests are not taken into account. A service |
77 | limit is announced by a `429 Too Many Requests` status code. | 77 | limit is announced by a `429 Too Many Requests` status code. |
@@ -85,6 +85,21 @@ info: | |||
85 | | `X-RateLimit-Remaining` | Number of remaining requests in the current time period | | 85 | | `X-RateLimit-Remaining` | Number of remaining requests in the current time period | |
86 | | `X-RateLimit-Reset` | Timestamp of end of current time period as UNIX timestamp | | 86 | | `X-RateLimit-Reset` | Timestamp of end of current time period as UNIX timestamp | |
87 | | `Retry-After` | Seconds to delay after the first `429` is received | | 87 | | `Retry-After` | Seconds to delay after the first `429` is received | |
88 | |||
89 | # CORS | ||
90 | |||
91 | This API features [Cross-Origin Resource Sharing (CORS)](https://fetch.spec.whatwg.org/), | ||
92 | allowing cross-domain communication from the browser for some routes: | ||
93 | |||
94 | | Endpoint | Origin | | ||
95 | |------------------------- ---|--------| | ||
96 | | `/api/*` | * | | ||
97 | | `/download/*` | * | | ||
98 | | `/lazy-static/*` | * | | ||
99 | | `/live/segments-sha256/*` | * | | ||
100 | | `/.well-known/webfinger` | * | | ||
101 | |||
102 | In addition, all routes serving ActivityPub are CORS-enabled for all origins. | ||
88 | externalDocs: | 103 | externalDocs: |
89 | url: https://docs.joinpeertube.org/api-rest-reference.html | 104 | url: https://docs.joinpeertube.org/api-rest-reference.html |
90 | tags: | 105 | tags: |