Support cors-allow-origin with multiple origins (#7614)
* Add Initial support for multiple cors origins in nginx - bump cluster version for `make dev-env` - add buildOriginRegex function in nginx.tmpl - add e2e 4 e2e tests for cors.go - refers to feature request #5496 * add tests + use search to identify '*' origin * add tests + use search to identify '*' origin Signed-off-by: Christopher Larivière <lariviere.c@gmail.com> * fix "should enable cors test" looking at improper values * Modify tests and add some logic for origin validation - add origin validation in cors ingress annotations - add extra tests to validate regex - properly escape regex using "QuoteMeta" - fix some copy/paste errors * add TrimSpace and length validation before adding a new origin * modify documentation for cors and remove dangling comment * add support for optional port mapping on origin * support single-level wildcard subdomains + tests * Remove automatic `*` fonctionality from incorrect origins - use []string instead of basic string to avoid reparsing in template.go - fix typo in docs - modify template to properly enable only if the whole block is enabled - modify cors parsing - test properly by validating that the value returned is the proper origin - update unit tests and annotation tests * Re-add `*` when no cors origins are supplied + fix tests - fix e2e tests to allow for `*` - re-add `*` to cors parsing if trimmed cors-allow-origin is empty (supplied but empty) and if it wasn't supplied at all. * remove unecessary logic for building cors origin + remove comments - add some edge cases in e2e tests - rework logic for building cors origin there was no need for logic in template.go for buildCorsOriginRegex if there is a `*` it ill be short-circuited by first if. if it's a wildcard domain or any domain (without a wildcard), it MUST match the main/cors.go regex format. if there's a star in a wildcard domain, it must be replaced with `[A-Za-z0-9]+` * add missing check in e2e tests
This commit is contained in:
Christopher Larivière
GitHub
parent
a5bab6a715
commit
65b8eeddec
10 changed files with 570 additions and 44 deletions
|
|
@ -276,6 +276,7 @@ var (
|
|||
"shouldLoadAuthDigestModule": shouldLoadAuthDigestModule,
|
||||
"shouldLoadInfluxDBModule": shouldLoadInfluxDBModule,
|
||||
"buildServerName": buildServerName,
|
||||
"buildCorsOriginRegex": buildCorsOriginRegex,
|
||||
}
|
||||
)
|
||||
|
||||
|
|
@ -1676,3 +1677,29 @@ func convertGoSliceIntoLuaTable(goSliceInterface interface{}, emptyStringAsNil b
|
|||
return "", fmt.Errorf("could not process type: %s", kind)
|
||||
}
|
||||
}
|
||||
|
||||
func buildOriginRegex(origin string) string {
|
||||
origin = regexp.QuoteMeta(origin)
|
||||
origin = strings.Replace(origin, "\\*", "[A-Za-z0-9]+", 1)
|
||||
return fmt.Sprintf("(%s)", origin)
|
||||
}
|
||||
|
||||
func buildCorsOriginRegex(corsOrigins []string) string {
|
||||
if len(corsOrigins) == 1 && corsOrigins[0] == "*" {
|
||||
return "set $http_origin *;\nset $cors 'true';"
|
||||
}
|
||||
|
||||
var originsRegex string = "if ($http_origin ~* ("
|
||||
for i, origin := range corsOrigins {
|
||||
originTrimmed := strings.TrimSpace(origin)
|
||||
if len(originTrimmed) > 0 {
|
||||
builtOrigin := buildOriginRegex(originTrimmed)
|
||||
originsRegex += builtOrigin
|
||||
if i != len(corsOrigins)-1 {
|
||||
originsRegex = originsRegex + "|"
|
||||
}
|
||||
}
|
||||
}
|
||||
originsRegex = originsRegex + ")$ ) { set $cors 'true'; }"
|
||||
return originsRegex
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue