This is an automated email from the ASF dual-hosted git repository. membphis pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-apisix.git
The following commit(s) were added to refs/heads/master by this push: new eb358e9 bugfix: plugin in header_filter/body_filter should be run like log phase (#1383) eb358e9 is described below commit eb358e94c81b638fb11576fa04efacb6a9ba8b49 Author: 罗泽轩 <spacewander...@gmail.com> AuthorDate: Thu Apr 2 17:20:13 2020 +0800 bugfix: plugin in header_filter/body_filter should be run like log phase (#1383) --- apisix/init.lua | 5 ++++- apisix/plugins/cors.lua | 39 +++++++++++++++++++++++++-------------- t/plugin/cors.t | 6 +++--- 3 files changed, 32 insertions(+), 18 deletions(-) diff --git a/apisix/init.lua b/apisix/init.lua index a9a07a7..272911a 100644 --- a/apisix/init.lua +++ b/apisix/init.lua @@ -134,7 +134,10 @@ local function run_plugin(phase, plugins, api_ctx) return api_ctx end - if phase ~= "log" then + if phase ~= "log" + and phase ~= "header_filter" + and phase ~= "body_filter" + then for i = 1, #plugins, 2 do local phase_fun = plugins[i][phase] if phase_fun then diff --git a/apisix/plugins/cors.lua b/apisix/plugins/cors.lua index 208fa71..b64010e 100644 --- a/apisix/plugins/cors.lua +++ b/apisix/plugins/cors.lua @@ -85,13 +85,14 @@ function _M.check_schema(conf) return true end -function _M.header_filter(conf, ctx) - if conf.allow_origins == "**" then - conf.allow_origins = ngx.var.http_origin or '*' +function _M.access(conf, ctx) + local allow_origins = conf.allow_origins + if allow_origins == "**" then + allow_origins = ngx.var.http_origin or '*' end - if str_find(conf.allow_origins, ",", 1, true) then + if str_find(allow_origins, ",", 1, true) then local finded = false - local iterator, err = re_gmatch(conf.allow_origins, "([^,]+)", "jiox") + local iterator, err = re_gmatch(allow_origins, "([^,]+)", "jiox") if not iterator then return 500, {message = "match origins failed", error = err} end @@ -105,7 +106,7 @@ function _M.header_filter(conf, ctx) end if origin[0] == ngx.var.http_origin then - conf.allow_origins = origin[0] + allow_origins = origin[0] finded = true break end @@ -115,22 +116,32 @@ function _M.header_filter(conf, ctx) end end - if conf.allow_methods == "**" then - conf.allow_methods = "GET,POST,PUT,DELETE,PATCH,HEAD,OPTIONS,CONNECT,TRACE" + ctx.cors_allow_origins = allow_origins + + if ctx.var.request_method == "OPTIONS" then + return 200 + end +end + +function _M.header_filter(conf, ctx) + if not ctx.cors_allow_origins then + -- no origin matched, don't add headers + return + end + + local allow_methods = conf.allow_methods + if allow_methods == "**" then + allow_methods = "GET,POST,PUT,DELETE,PATCH,HEAD,OPTIONS,CONNECT,TRACE" end - ngx.header["Access-Control-Allow-Origin"] = conf.allow_origins - ngx.header["Access-Control-Allow-Methods"] = conf.allow_methods + ngx.header["Access-Control-Allow-Origin"] = ctx.cors_allow_origins + ngx.header["Access-Control-Allow-Methods"] = allow_methods ngx.header["Access-Control-Allow-Headers"] = conf.allow_headers ngx.header["Access-Control-Expose-Headers"] = conf.expose_headers ngx.header["Access-Control-Max-Age"] = conf.max_age if conf.allow_credential then ngx.header["Access-Control-Allow-Credentials"] = true end - - if ctx.var.request_method == "OPTIONS" then - return 200 - end end return _M diff --git a/t/plugin/cors.t b/t/plugin/cors.t index eed58fb..392162f 100644 --- a/t/plugin/cors.t +++ b/t/plugin/cors.t @@ -254,7 +254,7 @@ Access-Control-Allow-Credentials: -=== TEST 8: set route(spcific) +=== TEST 8: set route (cors specified) --- config location /t { content_by_lua_block { @@ -297,7 +297,7 @@ passed -=== TEST 9: cors spcific +=== TEST 9: cors specified --- request GET /hello HTTP/1.1 --- more_headers @@ -316,7 +316,7 @@ Access-Control-Allow-Credentials: true -=== TEST 10: cors spcific no match orgin +=== TEST 10: cors specified no match origin --- request GET /hello HTTP/1.1 --- more_headers