theluyuan/shynet
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix multiple origin support (closes #52)

Browse Source
This commit is contained in:
R. Miles McCain 2020-06-28 17:36:12 +00:00
parent 94fed58de3
commit 358fb234a7
No known key found for this signature in database
GPG Key ID: F1053629E2905557
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
shynet/analytics/views/ingress.py
View File

@ -1,5 +1,6 @@
import base64 import base64
import json import json
from urllib.parse import urlparse
from django.conf import settings from django.conf import settings
from django.core.cache import cache from django.core.cache import cache
@ -49,7 +50,15 @@ class ValidateServiceOriginsMixin:
cache.set(f"service_origins_{service_uuid}", origins, timeout=3600) cache.set(f"service_origins_{service_uuid}", origins, timeout=3600)
resp = super().dispatch(request, *args, **kwargs) resp = super().dispatch(request, *args, **kwargs)
resp["Access-Control-Allow-Origin"] = origins
if origins != "*":
remote_origin = request.META.get("HTTP_ORIGIN")
origins = [origin.strip() for origin in origins.split(",")]
if remote_origin in origins:
resp["Access-Control-Allow-Origin"] = remote_origin
else:
resp["Access-Control-Allow-Origin"] = "*"
resp["Access-Control-Allow-Methods"] = "GET,HEAD,OPTIONS,POST" resp["Access-Control-Allow-Methods"] = "GET,HEAD,OPTIONS,POST"
resp[ resp[
"Access-Control-Allow-Headers" "Access-Control-Allow-Headers"