From e7eb1d4f12cfda934c3248de63a3e4ac4adaac57 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Sat, 20 Apr 2024 15:47:48 +0300 Subject: [PATCH] add noindex --- app/controllers/api/active_storage_blobs_proxy_controller.rb | 1 + .../api/active_storage_blobs_proxy_legacy_controller.rb | 3 +++ app/controllers/api/api_base_controller.rb | 4 ++++ 3 files changed, 8 insertions(+) diff --git a/app/controllers/api/active_storage_blobs_proxy_controller.rb b/app/controllers/api/active_storage_blobs_proxy_controller.rb index 04893abc..db3b83b2 100644 --- a/app/controllers/api/active_storage_blobs_proxy_controller.rb +++ b/app/controllers/api/active_storage_blobs_proxy_controller.rb @@ -8,6 +8,7 @@ module Api skip_authorization_check before_action :set_cors_headers + before_action :set_noindex_headers def show blob_uuid, purp, exp = ApplicationRecord.signed_id_verifier.verified(params[:signed_uuid]) diff --git a/app/controllers/api/active_storage_blobs_proxy_legacy_controller.rb b/app/controllers/api/active_storage_blobs_proxy_legacy_controller.rb index 54c3ed72..77ad2c6a 100644 --- a/app/controllers/api/active_storage_blobs_proxy_legacy_controller.rb +++ b/app/controllers/api/active_storage_blobs_proxy_legacy_controller.rb @@ -7,6 +7,9 @@ module Api skip_before_action :authenticate_user! skip_authorization_check + before_action :set_cors_headers + before_action :set_noindex_headers + # rubocop:disable Metrics def show Rollbar.info('Blob legacy') if defined?(Rollbar) diff --git a/app/controllers/api/api_base_controller.rb b/app/controllers/api/api_base_controller.rb index 5d7441fa..9ac7c748 100644 --- a/app/controllers/api/api_base_controller.rb +++ b/app/controllers/api/api_base_controller.rb @@ -66,6 +66,10 @@ module Api current_user&.account end + def set_noindex_headers + headers['X-Robots-Tag'] = 'noindex' + end + def set_cors_headers headers['Access-Control-Allow-Origin'] = '*' headers['Access-Control-Allow-Methods'] = 'POST, GET, PUT, PATCH, DELETE, OPTIONS'