Skip to content

Commit

Permalink
Revert "feat(CORS): Set the CORS "Access-Control-Allow-Credentials" f…
Browse files Browse the repository at this point in the history 
…or local running (#1648)" (#1664)

This reverts commit cd3ec84.
  • Loading branch information
@sanathkr @jfuss
sanathkr authored and jfuss committed Dec 16, 2019
1 parent 09d2e01 commit bc68c21
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 14 deletions.
4 changes: 1 addition & 3 deletions samcli/commands/local/lib/provider.py
View file
Expand Up @@ -220,14 +220,13 @@ def binary_media_types(self):
return list(self.binary_media_types_set)


_CorsTuple = namedtuple("Cors", ["allow_origin", "allow_methods", "allow_headers", "allow_credentials", "max_age"])
_CorsTuple = namedtuple("Cors", ["allow_origin", "allow_methods", "allow_headers", "max_age"])


_CorsTuple.__new__.__defaults__ = (
None, # Allow Origin defaults to None
None, # Allow Methods is optional and defaults to empty
None, # Allow Headers is optional and defaults to empty
None, # Allow Credentials is optional and defaults to empty
None, # MaxAge is optional and defaults to empty
)

Expand All @@ -251,7 +250,6 @@ def cors_to_headers(cors):
"Access-Control-Allow-Origin": cors.allow_origin,
"Access-Control-Allow-Methods": cors.allow_methods,
"Access-Control-Allow-Headers": cors.allow_headers,
"Access-Control-Allow-Credentials": cors.allow_credentials,
"Access-Control-Max-Age": cors.max_age,
}
# Filters out items in the headers dictionary that isn't empty.
Expand Down
12 changes: 3 additions & 9 deletions samcli/commands/local/lib/sam_api_provider.py
View file
Expand Up @@ -111,15 +111,10 @@ def extract_cors(self, cors_prop):

allow_origin = self._get_cors_prop(cors_prop, "AllowOrigin")
allow_headers = self._get_cors_prop(cors_prop, "AllowHeaders")
allow_credentials = self._get_cors_prop(cors_prop, "AllowCredentials", is_string=False)
max_age = self._get_cors_prop(cors_prop, "MaxAge")

cors = Cors(
allow_origin=allow_origin,
allow_methods=allow_methods,
allow_headers=allow_headers,
allow_credentials=allow_credentials,
max_age=max_age,
allow_origin=allow_origin, allow_methods=allow_methods, allow_headers=allow_headers, max_age=max_age
)
elif cors_prop and isinstance(cors_prop, string_types):
allow_origin = cors_prop
Expand All @@ -133,13 +128,12 @@ def extract_cors(self, cors_prop):
allow_origin=allow_origin,
allow_methods=",".join(sorted(Route.ANY_HTTP_METHODS)),
allow_headers=None,
allow_credentials=None,
max_age=None,
)
return cors

@staticmethod
def _get_cors_prop(cors_dict, prop_name, is_string=True):
def _get_cors_prop(cors_dict, prop_name):
"""
Extract cors properties from dictionary and remove extra quotes.
Expand All @@ -153,7 +147,7 @@ def _get_cors_prop(cors_dict, prop_name, is_string=True):
A string with the extra quotes removed
"""
prop = cors_dict.get(prop_name)
if prop and is_string:
if prop:
if (not isinstance(prop, string_types)) or (not (prop.startswith("'") and prop.endswith("'"))):
raise InvalidSamDocumentException(
"{} must be a quoted string " '(i.e. "\'value\'" is correct, but "value" is not).'.format(prop_name)
Expand Down
2 changes: 0 additions & 2 deletions tests/unit/commands/local/lib/test_sam_api_provider.py
View file
Expand Up @@ -875,7 +875,6 @@ def test_provider_parse_cors_dict(self):
"AllowMethods": "'POST, GET'",
"AllowOrigin": "'*'",
"AllowHeaders": "'Upgrade-Insecure-Requests'",
"AllowCredentials": True,
"MaxAge": "'600'",
},
"DefinitionBody": {
Expand Down Expand Up @@ -918,7 +917,6 @@ def test_provider_parse_cors_dict(self):
allow_origin="*",
allow_methods=",".join(sorted(["POST", "GET", "OPTIONS"])),
allow_headers="Upgrade-Insecure-Requests",
allow_credentials=True,
max_age="600",
)
route1 = Route(path="/path2", methods=["POST", "OPTIONS"], function_name="NoApiEventFunction")
Expand Down

0 comments on commit bc68c21

Please sign in to comment.