[ https://issues.apache.org/jira/browse/SCB-317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16362134#comment-16362134 ]
ASF GitHub Bot commented on SCB-317: ------------------------------------ asifdxtreme closed pull request #285: SCB-317 Prepare the release for Service-Center-1.0.0-m1 URL: https://github.com/apache/incubator-servicecomb-service-center/pull/285 This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/NOTICE b/NOTICE index 5111231c..cb250bd7 100644 --- a/NOTICE +++ b/NOTICE @@ -198,8 +198,7 @@ SoundCloud Ltd. (http://soundcloud.com/). Notice for rs/cors -rs/cors provides functions to allow CORS for http request, some part -of the code was used and modified as per the use case. +rs/cors provides functions to allow CORS for http request Credit to : diff --git a/scripts/create_gvt_manifest(exp).sh b/scripts/create_gvt_manifest(exp).sh index f27ff777..b2e636cb 100755 --- a/scripts/create_gvt_manifest(exp).sh +++ b/scripts/create_gvt_manifest(exp).sh @@ -76,3 +76,4 @@ gvt fetch -precaire -no-recurse -revision ded5959c0d4e360646dc9e9908cff486667813 gvt fetch -precaire -no-recurse -revision cb6bfca970f6908083f26f39a79009d608efd5cd github.com/klauspost/crc32 gvt fetch -precaire -no-recurse -revision 879c5887cd475cd7864858769793b2ceb0d44feb github.com/satori/go.uuid gvt fetch -precaire -no-recurse -revision 378a833fc008d8343083dc73e77db142afccf377 github.com/ServiceComb/paas-lager +gvt fetch -precaire -no-recurse -revision 8dd4211afb5d08dbb39a533b9bb9e4b486351df6 github.com/rs/cors diff --git a/server/interceptor/cors/cors.go b/server/interceptor/cors/cors.go index 4bf7b70a..5cce9ab0 100644 --- a/server/interceptor/cors/cors.go +++ b/server/interceptor/cors/cors.go @@ -26,127 +26,24 @@ package cors import ( "errors" "github.com/apache/incubator-servicecomb-service-center/pkg/util" - "io" + "github.com/rs/cors" "net/http" - "strconv" - "strings" ) -var cors *CORS +var CORS *cors.Cors func init() { - cors = New() -} - -type CORS struct { - allowOrigin string - allowMethods map[string]struct{} - allowHeaders map[string]struct{} - allowCredentials bool - exposeHeaders string - maxAge int - userHandler http.Handler -} - -func New() *CORS { - c := new(CORS) - c.allowOrigin = "*" - c.allowCredentials = false - c.allowHeaders = map[string]struct{}{"origin": {}, "accept": {}, "content-type": {}, "x-domain-name": {}, "x-consumerid": {}} - c.allowMethods = map[string]struct{}{"GET": {}, "POST": {}, "PUT": {}, "DELETE": {}, "UPDATE": {}} - c.maxAge = 1500 - return c -} - -func (cors *CORS) AllowMethods() []string { - return util.MapToList(cors.allowMethods) -} - -func (cors *CORS) AllowHeaders() []string { - return util.MapToList(cors.allowHeaders) -} - -func (cors *CORS) handlePreflightRequest(w http.ResponseWriter, r *http.Request) { - acrm := r.Header.Get("Access-Control-Request-Method") - if acrm == "" { - cors.invalid(w, r) - util.Logger().Warnf(nil, "header 'Access-Control-Request-Method' is empty") - return - } - methods := strings.Split(strings.TrimSpace(acrm), ",") - for _, m := range methods { - m = strings.TrimSpace(m) - if _, ok := cors.allowMethods[m]; !ok { - cors.invalid(w, r) - util.Logger().Warnf(nil, "only supported methods: %v", util.MapToList(cors.allowMethods)) - return - } - } - acrh := r.Header.Get("Access-Control-Request-Headers") - if acrh != "" { - headers := strings.Split(strings.TrimSpace(acrh), ",") - for _, h := range headers { - h = strings.ToLower(strings.TrimSpace(h)) - if _, ok := cors.allowHeaders[h]; !ok { - cors.invalid(w, r) - util.Logger().Warnf(nil, "invalid header '%s', only supported headers: %v", h, util.MapToList(cors.allowHeaders)) - return - } - } - } - - w.Header().Add("Access-Control-Allow-Methods", util.StringJoin(cors.AllowMethods(), ",")) - w.Header().Add("Access-Control-Allow-Headers", util.StringJoin(cors.AllowHeaders(), ",")) - w.Header().Add("Access-Control-Max-Age", strconv.Itoa(cors.maxAge)) - cors.addAllowOriginHeader(w, r) - cors.addAllowCookiesHeader(w, r) - return -} - -func (cors *CORS) invalid(w http.ResponseWriter, r *http.Request) { - r.Header.Set("Content-Type", "text/html; charset=utf-8") - io.WriteString(w, "CORS Request Invalid") - return -} - -func (cors *CORS) handleActualRequest(w http.ResponseWriter, r *http.Request) { - if cors.exposeHeaders != "" { - w.Header().Add("Access-Control-Expose-Headers", cors.exposeHeaders) - } - cors.addAllowOriginHeader(w, r) - cors.addAllowCookiesHeader(w, r) - return -} - -func (cors *CORS) addAllowOriginHeader(w http.ResponseWriter, r *http.Request) { - w.Header().Add("Access-Control-Allow-Origin", cors.allowOrigin) - return -} - -func (cors *CORS) addAllowCookiesHeader(w http.ResponseWriter, r *http.Request) { - if cors.allowCredentials { - w.Header().Add("Access-Control-Allow-Credentials", "true") - } -} - -func SetAllowMethods(methods []string) { - cors.allowMethods = util.ListToMap(methods) -} - -func SetAllowHeaders(headers []string) { - cors.allowHeaders = util.ListToMap(headers) + CORS = cors.New(cors.Options{ + AllowedHeaders: []string{"Origin", "Accept", "Content-Type", "X-Domain-Name", "X-ConsumerId"}, + AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "UPDATE"}, + }) } func Intercept(w http.ResponseWriter, r *http.Request) (err error) { - if origin := r.Header.Get("Origin"); origin == "" { - } else if r.Method != "OPTIONS" { - cors.handleActualRequest(w, r) - } else if acrm := r.Header.Get("Access-Control-Request-Method"); acrm == "" { - cors.handleActualRequest(w, r) - } else { - util.Logger().Debugf("identify the current request is a CORS") - cors.handlePreflightRequest(w, r) - err = errors.New("Handle preflight request") + CORS.HandlerFunc(w, r) + if r.Method == "OPTIONS" { + util.Logger().Debugf("identify the current request is a CORS, url: %s", r.RequestURI) + err = errors.New("Handle the preflight request") } return } diff --git a/vendor/manifest b/vendor/manifest index 697b78c5..9b4bf0ef 100644 --- a/vendor/manifest +++ b/vendor/manifest @@ -433,6 +433,22 @@ "branch": "HEAD", "notests": true }, + { + "importpath": "github.com/rs/cors", + "repository": "https://github.com/rs/cors", + "vcs": "git", + "revision": "8dd4211afb5d08dbb39a533b9bb9e4b486351df6", + "branch": "HEAD", + "notests": true + }, + { + "importpath": "github.com/satori/go.uuid", + "repository": "https://github.com/satori/go.uuid", + "vcs": "git", + "revision": "879c5887cd475cd7864858769793b2ceb0d44feb", + "branch": "HEAD", + "notests": true + }, { "importpath": "github.com/siddontang/go", "repository": "https://github.com/siddontang/go", @@ -576,14 +592,6 @@ "revision": "d670f9405373e636a5a2765eea47fac0c9bc91a4", "branch": "HEAD", "notests": true - }, - { - "importpath": "github.com/satori/go.uuid", - "repository": "https://github.com/satori/go.uuid", - "vcs": "git", - "revision": "879c5887cd475cd7864858769793b2ceb0d44feb", - "branch": "HEAD", - "notests": true } ] -} +} \ No newline at end of file ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Prepare the release for Service-Center-1.0.0-m1 > ----------------------------------------------- > > Key: SCB-317 > URL: https://issues.apache.org/jira/browse/SCB-317 > Project: Apache ServiceComb > Issue Type: Wish > Components: Service-Center > Affects Versions: service-center-1.0.0-m1 > Reporter: Mohammad Asif Siddiqui > Assignee: Mohammad Asif Siddiqui > Priority: Major > Fix For: service-center-1.0.0-m1 > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)