This is an automated email from the ASF dual-hosted git repository.
membphis pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-apisix.git
The following commit(s) were added to refs/heads/master by this push:
new eb358e9 bugfix: plugin in header_filter/body_filter should be run
like log phase (#1383)
eb358e9 is described below
commit eb358e94c81b638fb11576fa04efacb6a9ba8b49
Author: 罗泽轩 <[email protected]>
AuthorDate: Thu Apr 2 17:20:13 2020 +0800
bugfix: plugin in header_filter/body_filter should be run like log phase
(#1383)
---
apisix/init.lua | 5 ++++-
apisix/plugins/cors.lua | 39 +++++++++++++++++++++++++--------------
t/plugin/cors.t | 6 +++---
3 files changed, 32 insertions(+), 18 deletions(-)
diff --git a/apisix/init.lua b/apisix/init.lua
index a9a07a7..272911a 100644
--- a/apisix/init.lua
+++ b/apisix/init.lua
@@ -134,7 +134,10 @@ local function run_plugin(phase, plugins, api_ctx)
return api_ctx
end
- if phase ~= "log" then
+ if phase ~= "log"
+ and phase ~= "header_filter"
+ and phase ~= "body_filter"
+ then
for i = 1, #plugins, 2 do
local phase_fun = plugins[i][phase]
if phase_fun then
diff --git a/apisix/plugins/cors.lua b/apisix/plugins/cors.lua
index 208fa71..b64010e 100644
--- a/apisix/plugins/cors.lua
+++ b/apisix/plugins/cors.lua
@@ -85,13 +85,14 @@ function _M.check_schema(conf)
return true
end
-function _M.header_filter(conf, ctx)
- if conf.allow_origins == "**" then
- conf.allow_origins = ngx.var.http_origin or '*'
+function _M.access(conf, ctx)
+ local allow_origins = conf.allow_origins
+ if allow_origins == "**" then
+ allow_origins = ngx.var.http_origin or '*'
end
- if str_find(conf.allow_origins, ",", 1, true) then
+ if str_find(allow_origins, ",", 1, true) then
local finded = false
- local iterator, err = re_gmatch(conf.allow_origins, "([^,]+)", "jiox")
+ local iterator, err = re_gmatch(allow_origins, "([^,]+)", "jiox")
if not iterator then
return 500, {message = "match origins failed", error = err}
end
@@ -105,7 +106,7 @@ function _M.header_filter(conf, ctx)
end
if origin[0] == ngx.var.http_origin then
- conf.allow_origins = origin[0]
+ allow_origins = origin[0]
finded = true
break
end
@@ -115,22 +116,32 @@ function _M.header_filter(conf, ctx)
end
end
- if conf.allow_methods == "**" then
- conf.allow_methods =
"GET,POST,PUT,DELETE,PATCH,HEAD,OPTIONS,CONNECT,TRACE"
+ ctx.cors_allow_origins = allow_origins
+
+ if ctx.var.request_method == "OPTIONS" then
+ return 200
+ end
+end
+
+function _M.header_filter(conf, ctx)
+ if not ctx.cors_allow_origins then
+ -- no origin matched, don't add headers
+ return
+ end
+
+ local allow_methods = conf.allow_methods
+ if allow_methods == "**" then
+ allow_methods = "GET,POST,PUT,DELETE,PATCH,HEAD,OPTIONS,CONNECT,TRACE"
end
- ngx.header["Access-Control-Allow-Origin"] = conf.allow_origins
- ngx.header["Access-Control-Allow-Methods"] = conf.allow_methods
+ ngx.header["Access-Control-Allow-Origin"] = ctx.cors_allow_origins
+ ngx.header["Access-Control-Allow-Methods"] = allow_methods
ngx.header["Access-Control-Allow-Headers"] = conf.allow_headers
ngx.header["Access-Control-Expose-Headers"] = conf.expose_headers
ngx.header["Access-Control-Max-Age"] = conf.max_age
if conf.allow_credential then
ngx.header["Access-Control-Allow-Credentials"] = true
end
-
- if ctx.var.request_method == "OPTIONS" then
- return 200
- end
end
return _M
diff --git a/t/plugin/cors.t b/t/plugin/cors.t
index eed58fb..392162f 100644
--- a/t/plugin/cors.t
+++ b/t/plugin/cors.t
@@ -254,7 +254,7 @@ Access-Control-Allow-Credentials:
-=== TEST 8: set route(spcific)
+=== TEST 8: set route (cors specified)
--- config
location /t {
content_by_lua_block {
@@ -297,7 +297,7 @@ passed
-=== TEST 9: cors spcific
+=== TEST 9: cors specified
--- request
GET /hello HTTP/1.1
--- more_headers
@@ -316,7 +316,7 @@ Access-Control-Allow-Credentials: true
-=== TEST 10: cors spcific no match orgin
+=== TEST 10: cors specified no match origin
--- request
GET /hello HTTP/1.1
--- more_headers
