mirror of
https://github.com/ipfs/kubo.git
synced 2026-02-21 10:27:46 +08:00
Merge pull request #2019 from ipfs/Dignifiedquire-fix/access-controll-headers
Dignifiedquire fix/access controll headers
This commit is contained in:
commit
0f39687fb6
@ -255,6 +255,11 @@ func sendResponse(w http.ResponseWriter, r *http.Request, res cmds.Response, req
|
||||
h.Set(contentTypeHeader, mime)
|
||||
h.Set(transferEncodingHeader, "chunked")
|
||||
|
||||
// set 'allowed' headers
|
||||
h.Set("Access-Control-Allow-Headers", "X-Stream-Output, X-Chunked-Output")
|
||||
// expose those headers
|
||||
h.Set("Access-Control-Expose-Headers", "X-Stream-Output, X-Chunked-Output")
|
||||
|
||||
if r.Method == "HEAD" { // after all the headers.
|
||||
return
|
||||
}
|
||||
|
||||
@ -11,6 +11,8 @@ import (
|
||||
coremock "github.com/ipfs/go-ipfs/core/mock"
|
||||
)
|
||||
|
||||
const AllowedExposedHeaders = "X-Stream-Output, X-Chunked-Output"
|
||||
|
||||
func assertHeaders(t *testing.T, resHeaders http.Header, reqHeaders map[string]string) {
|
||||
for name, value := range reqHeaders {
|
||||
if resHeaders.Get(name) != value {
|
||||
@ -170,7 +172,7 @@ func TestAllowedOrigins(t *testing.T) {
|
||||
ACAMethods: "",
|
||||
ACACredentials: "",
|
||||
"Access-Control-Max-Age": "",
|
||||
"Access-Control-Expose-Headers": "",
|
||||
"Access-Control-Expose-Headers": AllowedExposedHeaders,
|
||||
},
|
||||
Code: http.StatusOK,
|
||||
}
|
||||
@ -198,7 +200,7 @@ func TestWildcardOrigin(t *testing.T) {
|
||||
ACAMethods: "",
|
||||
ACACredentials: "",
|
||||
"Access-Control-Max-Age": "",
|
||||
"Access-Control-Expose-Headers": "",
|
||||
"Access-Control-Expose-Headers": AllowedExposedHeaders,
|
||||
},
|
||||
Code: http.StatusOK,
|
||||
}
|
||||
@ -258,7 +260,7 @@ func TestAllowedReferer(t *testing.T) {
|
||||
ACAMethods: "",
|
||||
ACACredentials: "",
|
||||
"Access-Control-Max-Age": "",
|
||||
"Access-Control-Expose-Headers": "",
|
||||
"Access-Control-Expose-Headers": AllowedExposedHeaders,
|
||||
},
|
||||
Code: http.StatusOK,
|
||||
}
|
||||
@ -286,7 +288,7 @@ func TestWildcardReferer(t *testing.T) {
|
||||
ACAMethods: "",
|
||||
ACACredentials: "",
|
||||
"Access-Control-Max-Age": "",
|
||||
"Access-Control-Expose-Headers": "",
|
||||
"Access-Control-Expose-Headers": AllowedExposedHeaders,
|
||||
},
|
||||
Code: http.StatusOK,
|
||||
}
|
||||
|
||||
@ -134,6 +134,11 @@ func (i *gatewayHandler) getOrHeadHandler(w http.ResponseWriter, r *http.Request
|
||||
i.addUserHeaders(w) // ok, _now_ write user's headers.
|
||||
w.Header().Set("X-IPFS-Path", urlPath)
|
||||
|
||||
// set 'allowed' headers
|
||||
w.Header().Set("Access-Control-Allow-Headers", "X-Stream-Output, X-Chunked-Output")
|
||||
// expose those headers
|
||||
w.Header().Set("Access-Control-Expose-Headers", "X-Stream-Output, X-Chunked-Output")
|
||||
|
||||
// Suborigin header, sandboxes apps from each other in the browser (even
|
||||
// though they are served from the same gateway domain).
|
||||
//
|
||||
|
||||
@ -21,6 +21,8 @@ test_ls_cmd() {
|
||||
|
||||
test_expect_success "Text encoded channel-streaming command output looks good" '
|
||||
printf "HTTP/1.1 200 OK\r\n" >expected_output &&
|
||||
printf "Access-Control-Allow-Headers: X-Stream-Output, X-Chunked-Output\r\n" >>expected_output &&
|
||||
printf "Access-Control-Expose-Headers: X-Stream-Output, X-Chunked-Output\r\n" >>expected_output &&
|
||||
printf "Content-Type: text/plain\r\n" >>expected_output &&
|
||||
printf "Trailer: X-Stream-Error\r\n" >>expected_output &&
|
||||
printf "Transfer-Encoding: chunked\r\n" >>expected_output &&
|
||||
@ -41,6 +43,8 @@ test_ls_cmd() {
|
||||
|
||||
test_expect_success "JSON encoded channel-streaming command output looks good" '
|
||||
printf "HTTP/1.1 200 OK\r\n" >expected_output &&
|
||||
printf "Access-Control-Allow-Headers: X-Stream-Output, X-Chunked-Output\r\n" >>expected_output &&
|
||||
printf "Access-Control-Expose-Headers: X-Stream-Output, X-Chunked-Output\r\n" >>expected_output &&
|
||||
printf "Content-Type: application/json\r\n" >>expected_output &&
|
||||
printf "Trailer: X-Stream-Error\r\n" >>expected_output &&
|
||||
printf "Transfer-Encoding: chunked\r\n" >>expected_output &&
|
||||
|
||||
Loading…
Reference in New Issue
Block a user