theluyuan/shynet
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'CasperVerswijvelt/master' into dev

Browse Source
This commit is contained in:
R. Miles McCain 2021-04-24 17:07:24 +00:00
commit 36d72508e6
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
shynet/analytics/views/ingress.py
View File

@ -54,7 +54,7 @@ class ValidateServiceOriginsMixin:
origins = service.origins
cache.set(f"service_origins_{service_uuid}", origins, timeout=3600)
resp = super().dispatch(request, *args, **kwargs)
allow_origin = "*"
if origins != "*":
remote_origin = request.META.get("HTTP_ORIGIN")
@ -66,12 +66,12 @@ class ValidateServiceOriginsMixin:
remote_origin = f"{parsed.scheme}://{parsed.netloc}".lower()
origins = [origin.strip().lower() for origin in origins.split(",")]
if remote_origin in origins:
resp["Access-Control-Allow-Origin"] = remote_origin
allow_origin = remote_origin
else:
return HttpResponseForbidden()
else:
resp["Access-Control-Allow-Origin"] = "*"
resp = super().dispatch(request, *args, **kwargs)
resp["Access-Control-Allow-Origin"] = allow_origin
resp["Access-Control-Allow-Methods"] = "GET,HEAD,OPTIONS,POST"
resp[
"Access-Control-Allow-Headers"