tokers commented on a change in pull request #3839:
URL: https://github.com/apache/apisix/pull/3839#discussion_r595959867
##########
File path: apisix/plugins/cors.lua
##########
@@ -73,7 +75,19 @@ local schema = {
"if you set this option to 'true', you can not use '*' for
other options.",
type = "boolean",
default = false
- }
+ },
+ allow_origins_by_regex = {
+ type = "array",
+ description =
+ "you can use regex to allow specific origins when no
credentials," ..
+ "for example use [.*.test.com] to allow a.test.com and
b.test.com",
Review comment:
Should be `.*\.test.com `
##########
File path: apisix/plugins/cors.lua
##########
@@ -179,8 +193,49 @@ function _M.header_filter(conf, ctx)
end
end
- ctx.cors_allow_origins = allow_origins
- set_cors_headers(conf, ctx)
+ return allow_origins
+end
+
+local function process_with_allow_origins_by_regex(conf, ctx)
+ if conf.allow_origins_by_regex == nil or
next(conf.allow_origins_by_regex) == nil then
+ return
+ end
+ local req_origin = core.request.header(ctx, "Origin")
+
+ if not conf.allow_origins_by_regex_rules_concat then
+ local allow_origins_by_regex_rules = {}
Review comment:
We can create the table with pre-allocated array part size to
`#conf.allow_origins_by_regex `.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
