|
| 1 | +--- |
| 2 | +title: "Sharing via gitlab://" |
| 3 | +slug: "sharing-via-gitlab" |
| 4 | +date: 2025-06-11 |
| 5 | +draft: false |
| 6 | +author: André Dietrich |
| 7 | +image: "https://upload.wikimedia.org/wikipedia/commons/c/c8/GitLab_logo_%282%29.svg" |
| 8 | +tags: |
| 9 | + - GitLab |
| 10 | + - OER |
| 11 | +--- |
| 12 | + |
| 13 | +> **TL;DR** |
| 14 | +> Add `gitlab://` in front of any raw-file URL that refuses to load in LiaScript. |
| 15 | +> We’ll translate it into a GitLab API v4 request behind the scenes, bypassing CORS for you. |
| 16 | +
|
| 17 | +--- |
| 18 | + |
| 19 | +LiaScript has a built-in URL-translation engine that lets you embed external resources—even when browsers would normally block them because of CORS (Cross-Origin Resource Sharing) limitations. The most common stumbling block is self-hosted GitLab, so let’s start there. |
| 20 | + |
| 21 | +## What *api/v4* Means in GitLab |
| 22 | + |
| 23 | +`/api/v4/` is the root of **GitLab’s REST API version 4**—the current, stable API that’s been in place since GitLab 9.0 (2017).<br> |
| 24 | +Every stable GitLab release ships this endpoint, and all official docs and examples assume v4 unless noted otherwise. In practice, the path signals three things: |
| 25 | + |
| 26 | +1. **Versioning:** Using `v4` lets GitLab evolve its API without breaking older clients; if a future v5 appears, your v4 calls will still work. |
| 27 | +2. **REST semantics:** Endpoints map cleanly to resources such as *projects*, *repository files*, *issues*, etc. |
| 28 | +3. **CORS-friendly headers:** The API replies with the right CORS headers, so browsers are allowed to fetch the content. |
| 29 | + |
| 30 | +In short, *api/v4* is the safest way to programmatically grab anything from a GitLab server. |
| 31 | + |
| 32 | +--- |
| 33 | + |
| 34 | +## GitLab Integration in LiaScript |
| 35 | + |
| 36 | +### 1. Public GitLab .com |
| 37 | + |
| 38 | +When you paste a normal raw-file link, LiaScript silently rewrites it: |
| 39 | + |
| 40 | +```text |
| 41 | +https://gitlab.com/user/repo/-/raw/main/README.md |
| 42 | +```` |
| 43 | +
|
| 44 | +becomes |
| 45 | +
|
| 46 | +```text |
| 47 | +https://gitlab.com/api/v4/projects/user%2Frepo/repository/files/README.md/raw?ref=main |
| 48 | +``` |
| 49 | + |
| 50 | +So the file is fetched through the CORS-friendly API instead of the raw file server. |
| 51 | + |
| 52 | +### 2. Self-Hosted GitLab (or Locked-Down Groups) |
| 53 | + |
| 54 | +Some admins disable CORS entirely. In that case, prepend `gitlab://` yourself: |
| 55 | + |
| 56 | +```text |
| 57 | +gitlab://git.example.org/user/repo/-/raw/main/README.md |
| 58 | +``` |
| 59 | + |
| 60 | +LiaScript detects the scheme, swaps it for an API v4 call, and URL-encodes the project path: |
| 61 | + |
| 62 | +```text |
| 63 | +https://git.example.org/api/v4/projects/user%2Frepo/repository/files/README.md/raw?ref=main |
| 64 | +``` |
| 65 | + |
| 66 | +**That’s all—no extra setup, no browser plugins, no CORS errors.** |
| 67 | + |
| 68 | +--- |
| 69 | + |
| 70 | +## Other Platforms Supported Out of the Box |
| 71 | + |
| 72 | +The system also handles URLs from: |
| 73 | + |
| 74 | +- GitHub |
| 75 | +- Dropbox |
| 76 | +- OneDrive |
| 77 | +- Codeberg |
| 78 | +- NextCloud -- `nextcloud://` |
| 79 | + |
| 80 | +Each platform has its own pattern matching and transformation rules to ensure content can be properly embedded in LiaScript courses. |
0 commit comments