fix: remove cors-proxy api

yaroslav8765 · yaroslav8765 · commit cae87fb6d944 · 2026-06-22T16:03:22.000+03:00
AdminForth/1731/security-audit
diff --git a/custom/imageGenerator.vue b/custom/imageGenerator.vue
@@ -302,10 +302,6 @@ async function confirmImage() {
     }
     const byteArray = new Uint8Array(byteNumbers);
     imgBlob = new Blob([byteArray], { type: mimeType });
-  } else {
-    imgBlob = await fetch(
-      `${import.meta.env.VITE_ADMINFORTH_PUBLIC_PATH || ''}/adminapi/v1/plugin/${props.meta.pluginInstanceId}/cors-proxy?url=${encodeURIComponent(img)}`
-    ).then(res => { return res.blob() });
   }
 
   emit('uploadImage', imgBlob);
diff --git a/index.ts b/index.ts
@@ -494,19 +494,6 @@ export default class UploadPlugin extends AdminForthPlugin {
         return { ok: true, job };
       }
     });
-
-    server.endpoint({
-      method: 'GET',
-      path: `/plugin/${this.pluginInstanceId}/cors-proxy`,
-      handler: async ({ query, response  }) => {
-        const { url } = query;
-        const resp = await fetch(url);
-        response.setHeader('Content-Type', resp.headers.get('Content-Type'));
-        //@ts-ignore
-        Readable.fromWeb( resp.body ).pipe( response.blobStream() );
-        return null
-      }
-    });
     
     server.endpoint({
       method: 'POST',

Original file line number	Diff line number	Diff line change
`@@ -302,10 +302,6 @@ async function confirmImage() {`
`302`	`302`	`}`
`303`	`303`	`const byteArray = new Uint8Array(byteNumbers);`
`304`	`304`	`imgBlob = new Blob([byteArray], { type: mimeType });`
`305`		`- } else {`
`306`		`- imgBlob = await fetch(`
`307`		- `${import.meta.env.VITE_ADMINFORTH_PUBLIC_PATH \|\| ''}/adminapi/v1/plugin/${props.meta.pluginInstanceId}/cors-proxy?url=${encodeURIComponent(img)}`
`308`		`- ).then(res => { return res.blob() });`
`309`	`305`	`}`
`310`	`306`
`311`	`307`	`emit('uploadImage', imgBlob);`