From 49ee5592519ed85a9c79260cb689ed70f85e7116 Mon Sep 17 00:00:00 2001
From: "Fabian P. Schmidt" <kerel@mailbox.org>
Date: Thu, 21 Oct 2021 20:09:27 +0300
Subject: [PATCH] Enable CORS headers for artifact media file requests

Fixes #495.
Signed-off-by: Fabian P. Schmidt <kerel@mailbox.org>
---
 db/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/db/settings.py b/db/settings.py
index 7de0b83..1d6b1de 100644
--- a/db/settings.py
+++ b/db/settings.py
@@ -387,7 +387,7 @@ SPECTACULAR_SETTINGS = {
 SECRET_KEY = config('SECRET_KEY', default='changeme')
 SECURE_HSTS_SECONDS = config('SECURE_HSTS_SECONDS', default=31536000, cast=int)
 CORS_ALLOW_ALL_ORIGINS = config('CORS_ALLOW_ALL_ORIGINS', default=True, cast=bool)
-CORS_URLS_REGEX = config('CORS_URLS_REGEX', default=r'^/api/artifacts/.*$')
+CORS_URLS_REGEX = config('CORS_URLS_REGEX', default=r'^(?:/api/artifacts/.*|/media/artifacts/.*)$')
 CORS_ALLOW_METHODS = config('CORS_ALLOW_METHODS', default='GET, OPTIONS', cast=Csv())
 CSP_DEFAULT_SRC = config(
     'CSP_DEFAULT_SRC',