Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Set CORS headers #4990

Merged
merged 6 commits into from Feb 3, 2021
Merged

feat: Set CORS headers #4990

merged 6 commits into from Feb 3, 2021

Conversation

joyciep
Copy link
Contributor

@joyciep joyciep commented Feb 2, 2021
edited

Set Access-Control-Allow-Origin header by passing the allowed origins via --access-control-allow-origin flag

argo-server --access-control-allow-origin="<origin>"

Fixes #4984

Checklist:

@CLAassistant
Copy link

CLAassistant commented Feb 2, 2021
edited

CLA assistant check
All committers have signed the CLA.

@joyciep
feat: Set CORS headers
66eef38 
Signed-off-by: Joyce Anne Piscos <joycepiscos@gmail.com>
@joyciep
feat: Update docs
9b148a7 
Signed-off-by: Joyce Anne Piscos <joycepiscos@gmail.com>
@joyciep joyciep marked this pull request as ready for review February 2, 2021 07:18
@joyciep
Revert "feat: Update docs"
da5a2ca 
This reverts commit 9b148a7.

Signed-off-by: Joyce Anne Piscos <joycepiscos@gmail.com>
@joyciep
Generate docs
20bb709 
Signed-off-by: Joyce Anne Piscos <joycepiscos@gmail.com>
@joyciep joyciep mentioned this pull request Feb 2, 2021
Closed
alexec
alexec reviewed Feb 2, 2021
View reviewed changes
server/apiserver/argoserver.go Outdated
return &httpServer
}

// configureCORS is a middleware for setting CORS headers
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Any reason to not insert this next to the x-frames-options code?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just want this middleware close to the callers. Should I move it?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Look for where we already add headers suck as X-Frame-Options

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay found it. Should I not use the middleware and just call w.Header().Set() in static.go?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved it near the x-frame-options code, kindly check.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@joyciep After this change, are the CORS configured also for /api/ URI? If I am reading it right, it is only used for static.NewFilesServer, isn't it?

@joyciep
Move cors code near x-frame-options code
2a800e0 
Signed-off-by: Joyce Anne Piscos <joycepiscos@gmail.com>
alexec
alexec approved these changes Feb 3, 2021
View reviewed changes
Copy link
Contributor

@alexec alexec left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@alexec alexec merged commit 8f5e17a into argoproj:master Feb 3, 2021
@alexec alexec added this to the v3.0 milestone Feb 3, 2021
@simster7 simster7 mentioned this pull request Feb 8, 2021
Closed
38 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@uhlajs uhlajs uhlajs left review comments

@alexec alexec alexec approved these changes

Assignees

@alexec alexec

Labels
None yet
Projects
None yet
Milestone
v3.0
Development

Successfully merging this pull request may close these issues.

Cross Origin Requests
4 participants
@joyciep @CLAassistant @alexec @uhlajs