From 0e2ce294682caf07f65a174f9c7e7b3b01ca4ca2 Mon Sep 17 00:00:00 2001
From: Fabien O'Carroll <fabien@allou.is>
Date: Tue, 25 Jun 2019 14:31:46 +0700
Subject: [PATCH] Moved members static mount point to /ghost/members

no-issue

This alleviates the CORS requests failing for members when the admin is
hosted on a different domain than the site
---
 core/server/public/members.js                           | 2 +-
 core/server/web/parent-app.js                           | 8 ++++----
 core/server/web/shared/middlewares/serve-public-file.js | 2 ++
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/core/server/public/members.js b/core/server/public/members.js
index 4288420780..2f61b862d6 100644
--- a/core/server/public/members.js
+++ b/core/server/public/members.js
@@ -1 +1 @@
-MembersThemeBindings.init({ssrUrl: "{{blog-url}}/members/ssr", membersUrl: "{{blog-url}}/members"});
+MembersThemeBindings.init({ssrUrl: "{{blog-url}}/members/ssr", membersUrl: "{{admin-url}}/members"});
diff --git a/core/server/web/parent-app.js b/core/server/web/parent-app.js
index b251f55e61..61befab68f 100644
--- a/core/server/web/parent-app.js
+++ b/core/server/web/parent-app.js
@@ -45,13 +45,13 @@ module.exports = function setupParentApp(options = {}) {
     // @TODO: finish refactoring the API app
     parentApp.use('/ghost/api', require('./api')());
 
+    // MEMBERS
+    parentApp.use('/ghost/members', labs.members, membersService.gateway);
+    parentApp.use('/ghost/members/auth', labs.members, membersService.authPages);
+
     // ADMIN
     parentApp.use('/ghost', require('./admin')());
 
-    // MEMBERS
-    parentApp.use('/members', labs.members, membersService.gateway);
-    parentApp.use('/members/auth', labs.members, membersService.authPages);
-
     // BLOG
     parentApp.use(require('./site')(options));
 
diff --git a/core/server/web/shared/middlewares/serve-public-file.js b/core/server/web/shared/middlewares/serve-public-file.js
index ee391f6ba8..708ac3cbf0 100644
--- a/core/server/web/shared/middlewares/serve-public-file.js
+++ b/core/server/web/shared/middlewares/serve-public-file.js
@@ -9,6 +9,7 @@ function createPublicFileMiddleware(file, type, maxAge) {
     const publicFilePath = config.get('paths').publicFilePath;
     const filePath = file.match(/^public/) ? path.join(publicFilePath, file.replace(/^public/, '')) : path.join(publicFilePath, file);
     const blogRegex = /(\{\{blog-url\}\})/g;
+    const adminRegex = /(\{\{admin-url\}\})/g;
     const apiRegex = /(\{\{api-url\}\})/g;
 
     return function servePublicFile(req, res, next) {
@@ -26,6 +27,7 @@ function createPublicFileMiddleware(file, type, maxAge) {
             if (type === 'text/xsl' || type === 'text/plain' || type === 'application/javascript') {
                 str = str.replace(blogRegex, urlUtils.urlFor('home', true).replace(/\/$/, ''));
                 str = str.replace(apiRegex, urlUtils.urlFor('api', {cors: true, version: 'v0.1', versionType: 'content'}, true));
+                str = str.replace(adminRegex, urlUtils.urlFor('admin', true).replace(/\/$/, ''));
             }
 
             content = {