This commit introduces a new s3:ensure_cors_rules rake task that is run as a prerequisite to s3:upload_assets. This rake task calls out to the S3CorsRulesets class to ensure that the 3 relevant sets of CORS rules are applied, depending on site settings:
- direct S3 backups
- direct S3 uploads
This works for both Global S3 settings and Database S3 settings (the latter set directly via SiteSetting).
As it is, only one rule can be applied, which is generally the assets rule as it is called first. This commit changes the ensure_cors! method to be able to apply new rules as well as the existing ones.
This commit also slightly changes the existing rules to cover direct S3 uploads via uppy, especially multipart, which requires some more headers.