Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security: Add regular expression support to CORS for easier matching #6891

Closed
spinscale opened this issue Jul 16, 2014 · 2 comments · Fixed by #6923
Closed

Security: Add regular expression support to CORS for easier matching #6891

spinscale opened this issue Jul 16, 2014 · 2 comments · Fixed by #6923

Comments

@spinscale
Copy link
Contributor

In order to support CORS better, we should add an option to also match a regular expression instead of the current options when returning the Access-Control-Allow-Origin first.
@s1monw s1monw removed the v1.4.0 label Jul 16, 2014
@s1monw
Copy link
Contributor

s1monw commented Jul 18, 2014

@spinscale ping what is the status of this?

@spinscale spinscale mentioned this issue Jul 18, 2014
Merged
@spinscale
Copy link
Contributor Author

@s1monw waiting for a final test by @rashidkpc but I just created #6923 so maybe you can have a code review, especially to make sure I didnt introduce a performance penalty by trying to compile the regular expression more often than necessary

@s1monw s1monw added v1.4.0 and removed blocker labels Jul 21, 2014
@clintongormley clintongormley changed the title CORS: Add regular expression support for easier matching Security: Add regular expression support to CORS for easier matching Jul 21, 2014
spinscale added a commit to spinscale/elasticsearch that referenced this issue Jul 25, 2014
@spinscale
CORS: Support regular expressions for origin to match against
a1e335b 
This commit adds regular expression support for the allow-origin
header depending on the value of the request `Origin` header.

The existing HttpRequestBuilder is also extended to support the
OPTIONS HTTP method.

Relates elastic#5601
Closes elastic#6891
spinscale added a commit that referenced this issue Jul 25, 2014
@spinscale
CORS: Support regular expressions for origin to match against
284da7a 
This commit adds regular expression support for the allow-origin
header depending on the value of the request `Origin` header.

The existing HttpRequestBuilder is also extended to support the
OPTIONS HTTP method.

Relates #5601
Closes #6891
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Security: Support regular expressions for CORS allow-origin to match against spinscale/elasticsearch
2 participants
@spinscale @s1monw