-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
features: append cors plugin #1327
Conversation
@Miss-you please take a look, thx |
lua/apisix/plugins/cors.lua
Outdated
properties = { | ||
allow_origins = { | ||
description = | ||
"you can use '*' to allow all origins when no credentials,".. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
code style: please add a space credentials," ..
lua/apisix/plugins/cors.lua
Outdated
end | ||
|
||
if not conf.allow_origins then | ||
conf.allow_origins = "*" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we can set default value by jsonschema
.
lua/apisix/plugins/cors.lua
Outdated
end | ||
|
||
if not conf.allow_methods then | ||
conf.allow_methods = "*" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ditto, please fix other similar issues
lua/apisix/plugins/cors.lua
Outdated
if conf.allow_origins == "**" then | ||
conf.allow_origins = ngx.var.http_origin or '*' | ||
end | ||
if str_find(conf.allow_origins, ",") then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
optimize: plain model
lua/apisix/plugins/cors.lua
Outdated
end | ||
if str_find(conf.allow_origins, ",") then | ||
local finded = false | ||
for origin in str_gmatch(conf.allow_origins, "([^,]+)") do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ngx.re.gmatch
is better performance
@ShiningRush missing doc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please update the English version too
doc/plugins/cors-cn.md
Outdated
|
||
## 属性 | ||
|
||
- `allow_origins`: `可选`.允许跨域访问的Origin, 格式如:`scheme`://`host`:`port`, 比如: https://somehost.com:8081. 多个值使用 `,` 分割, `allow_credential` 为 `false` 时可以使用 `*` 来表示所有 Origin均允许通过。你也可以在启用了 `allow_credential` 后使用 `**` 强制允许所有Origin都通过,但请注意这样存在安全隐患。默认值为 `*`。 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"可选
. " -> "可选
,"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use Chinese commas
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add space between English and Chinese
- `allow_credential`: 是否允许跨域访问的请求方携带凭据(如 Cookie 等), 默认值为: `false`。 | ||
|
||
## 如何启用 | ||
创建 `Route` 或 `Service` 对象,并配置 `cors` 插件。 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add a blank line
doc/plugins/cors-cn.md
Outdated
```shell | ||
curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' | ||
{ | ||
"methods": ["GET"], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we can remove this line
doc/plugins/cors-cn.md
Outdated
```shell | ||
$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' | ||
{ | ||
"methods": ["GET"], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we can remove this line
add a reference to doc: |
The ci show the |
Summary
cors plugin
Full changelog