YONK-752: add j2 templates for scorm xblock static content access

5d482993 · wajeeha-khalid · 5ec97225 · 5d482993 · 5d482993 · 5d482993
Commit 5d482993 authored Sep 11, 2017 by wajeeha-khalid
4 changed files
--- a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/extra_locations_lms.j2
+++ b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/extra_locations_lms.j2
+
+# The Origin request header indicates where a fetch originates from. It doesn't include any path information,
+# but only the server name (e.g. https://www.example.com).
+# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin for details.
+#
+# Here we set the value that is included in the Access-Control-Allow-Origin response header. If the origin is one
+# of our known hosts--served via HTTP or HTTPS--we allow for CORS. Otherwise, we set the "null" value, disallowing CORS.
+map $http_origin $cors_origin {
+default "null";
+{% for host in CORS_ORIGIN_WHITELIST %}
+  "~*^https?:\/\/{{ host|replace('.', '\.') }}$" $http_origin;
+{% endfor %}
+}
+
+location ~ ^/{{ EDXAPP_MEDIA_URL }}/{{ XBLOCK_SETTINGS.ScormXBlock.SCORM_PKG_STORAGE_DIR }}/(?P<file>.*) {
+    add_header 'Access-Control-Allow-Origin' $cors_origin;
+    add_header 'Access-Control-Allow-Credentials' 'true';
+    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+
+    root {{ edxapp_media_dir }}/{{ XBLOCK_SETTINGS.ScormXBlock.SCORM_PKG_STORAGE_DIR }};
+    try_files /$file =404;
+    expires 31536000s;
+}
\ No newline at end of file
--- a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/lms.j2
+++ b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/lms.j2
@@ -282,5 +282,6 @@ location ~ ^{{ EDXAPP_MEDIA_URL }}/(?P<file>.*) {

  {% include "robots.j2" %}
  {% include "static-files.j2" %}
+  {% include "extra_locations_lms.j2" ignore missing %}

 }
--- a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/static-files-extra.j2
+++ b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/static-files-extra.j2
+
+# The Origin request header indicates where a fetch originates from. It doesn't include any path information,
+# but only the server name (e.g. https://www.example.com).
+# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin for details.
+#
+# Here we set the value that is included in the Access-Control-Allow-Origin response header. If the origin is one
+# of our known hosts--served via HTTP or HTTPS--we allow for CORS. Otherwise, we set the "null" value, disallowing CORS.
+map $http_origin $cors_origin {
+default "null";
+{% for host in CORS_ORIGIN_WHITELIST %}
+  "~*^https?:\/\/{{ host|replace('.', '\.') }}$" $http_origin;
+{% endfor %}
+}
+
+# w/in scorm/, override default return 403 for these file types
+location ~ ^/static/scorm/(?:.*)(?:\.xml|\.json) {
+    try_files /{{ XBLOCK_SETTINGS.ScormXBlock.SCORM_PLAYER_LOCAL_STORAGE_ROOT }}/$file =404;
+}
+
+location ~ "/scorm/(?P<file>.*)" {
+  add_header 'Access-Control-Allow-Origin' $cors_origin;
+  add_header 'Access-Control-Allow-Credentials' 'true';
+  add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+  try_files /{{ XBLOCK_SETTINGS.ScormXBlock.SCORM_PLAYER_LOCAL_STORAGE_ROOT }}/$file =404;
+}
\ No newline at end of file
--- a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/static-files.j2
+++ b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/static-files.j2
@@ -38,6 +38,8 @@
        try_files /staticfiles/$collected /course_static/$collected =404;
    }

+    {% include "static-files-extra.j2" ignore missing %}
+
    # Expire other static files immediately (there should be very few / none of these)
    expires 300;
  }