Spaces:

DannyChi
/

ccc

Sleeping

ccc

File size: 2,893 Bytes

6662b0a

using Microsoft.AspNetCore.StaticFiles;

var builder = WebApplication.CreateBuilder(args);

// �K�[ CORS ����
builder.Services.AddCors(options =>
{
    options.AddPolicy("AllowAll",
        builder =>
        {
            builder.AllowAnyOrigin()
                   .AllowAnyMethod()
                   .AllowAnyHeader();
        });
});

// �K�[ HttpClient �u�t
builder.Services.AddHttpClient();

// �t�m�R�W�� HttpClient
builder.Services.AddHttpClient("VideoProcessingClient")
    .SetHandlerLifetime(TimeSpan.FromMinutes(5))
    .ConfigurePrimaryHttpMessageHandler(() => new HttpClientHandler())
    .ConfigureHttpClient(client =>
    {
        client.Timeout = TimeSpan.FromMinutes(10);
    });

// �K�[����A��
builder.Services.AddControllers();

// �]�w�̤j�ШD��j�p�]1 GB�^
builder.WebHost.ConfigureKestrel(options =>
{
    options.Limits.MaxRequestBodySize = 1073741824; // 1 GB
    options.ListenAnyIP(7860); // Spaces �i��|���w�V�ݤf
});

var app = builder.Build();

// �ϥ� CORS
app.UseCors("AllowAll");

// �]�w MIME ����
var provider = new FileExtensionContentTypeProvider();
provider.Mappings[".wasm"] = "application/wasm";
provider.Mappings[".data"] = "application/data";

// �ϥ� DefaultFiles ������M�� index.html
app.UseDefaultFiles();

// �����R�A���A�ó]�m���Y
app.UseStaticFiles(new StaticFileOptions
{
    ContentTypeProvider = provider,
    OnPrepareResponse = ctx =>
    {
        Console.WriteLine($"Serving file: {ctx.File.PhysicalPath}");
        // �ҥθ󷽹j��
        ctx.Context.Response.Headers["Cross-Origin-Opener-Policy"] = "same-origin";
        ctx.Context.Response.Headers["Cross-Origin-Embedder-Policy"] = "require-corp";
        // ��s CSP �t�m�A�T�O�귽�ӷ����T
        ctx.Context.Response.Headers["Content-Security-Policy"] = "default-src 'self'; " +
                                                                 "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://m.stripe.network; " +
                                                                 "style-src 'self' 'unsafe-inline'; " +
                                                                 "worker-src 'self' blob:; " + // �����~���ӷ��A���լO�_�] Stripe �ɭP����
                                                                 "child-src 'self' blob:; " + // �P�W
                                                                 "frame-src 'self'; " + // �P�W
                                                                 "connect-src 'self' https://api.stripe.com; " +
                                                                 "img-src 'self' data:; " +
                                                                 "font-src 'self';";
    }
});

// �t�m HTTP �ШD�޹D
app.UseHttpsRedirection();
app.UseAuthorization();
app.MapControllers();
app.Run();