From 0ae3ebb03edf8b6a6d74666f006d7373e393e40d Mon Sep 17 00:00:00 2001 From: Rigel Kent Date: Wed, 12 May 2021 21:21:52 +0200 Subject: add cors section in openapi spec --- support/doc/api/openapi.yaml | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) (limited to 'support/doc/api/openapi.yaml') diff --git a/support/doc/api/openapi.yaml b/support/doc/api/openapi.yaml index f99d49fef..d8597d618 100644 --- a/support/doc/api/openapi.yaml +++ b/support/doc/api/openapi.yaml @@ -66,12 +66,12 @@ info: We are rate-limiting all endpoints of PeerTube's API. Custom values can be set by administrators: - | Endpoint | Calls | Time frame | - |-------------------------|------------------|---------------------------| - | `/*` | 50 | 10 seconds | - | `POST /users/token` | 15 | 5 minutes | - | `POST /users/register` | 2* | 5 minutes | - | `POST /users/ask-send-verify-email` | 3 | 5 minutes | + | Endpoint (prefix: `/api/v1`) | Calls | Time frame | + |------------------------------|---------------|--------------| + | `/*` | 50 | 10 seconds | + | `POST /users/token` | 15 | 5 minutes | + | `POST /users/register` | 2* | 5 minutes | + | `POST /users/ask-send-verify-email` | 3 | 5 minutes | Depending on the endpoint, *failed requests are not taken into account. A service limit is announced by a `429 Too Many Requests` status code. @@ -85,6 +85,21 @@ info: | `X-RateLimit-Remaining` | Number of remaining requests in the current time period | | `X-RateLimit-Reset` | Timestamp of end of current time period as UNIX timestamp | | `Retry-After` | Seconds to delay after the first `429` is received | + + # CORS + + This API features [Cross-Origin Resource Sharing (CORS)](https://fetch.spec.whatwg.org/), + allowing cross-domain communication from the browser for some routes: + + | Endpoint | Origin | + |------------------------- ---|--------| + | `/api/*` | * | + | `/download/*` | * | + | `/lazy-static/*` | * | + | `/live/segments-sha256/*` | * | + | `/.well-known/webfinger` | * | + + In addition, all routes serving ActivityPub are CORS-enabled for all origins. externalDocs: url: https://docs.joinpeertube.org/api-rest-reference.html tags: -- cgit v1.2.3