-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
updates proxy to support access control allow list (#3407)
* feat: updates proxy to support access control allow list * fix: remove downstream access-control-allow-origin * fix: update readme for m1 * fix: move purge call to the backend * fix: test fix and add await * fix: moving cache purge to helper --------- Co-authored-by: Morgan Ludtke <ludtkemorgan@gmail.com> Co-authored-by: Yazeed Loonat <yazeedloonat@gmail.com>
- Loading branch information
1 parent
cb85ee8
commit 3b816da
Showing
12 changed files
with
116 additions
and
62 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,16 +1,19 @@ | ||
proxy_cache_min_uses 1; | ||
proxy_cache_revalidate on; | ||
proxy_cache_background_update on; | ||
proxy_cache_lock on; | ||
proxy_ssl_server_name on; | ||
proxy_cache webapp_cache; | ||
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504; | ||
proxy_cache_key $uri$is_args$args$http_language; | ||
if ($request_method = 'PURGE') { | ||
# TODO: make vairable that's passed in for allow origin purge | ||
add_header Access-Control-Allow-Origin *; | ||
} | ||
add_header X-Cache-Status $upstream_cache_status; | ||
add_header Access-Control-Allow-Headers 'Content-Type, X-Language, X-JurisdictionName, Authorization'; | ||
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS, PUT, DELETE, PURGE'; | ||
proxy_pass $PROTOCOL://$BACKEND_HOSTNAME; | ||
proxy_cache_min_uses 1; | ||
proxy_cache_revalidate on; | ||
proxy_cache_background_update on; | ||
proxy_cache_lock on; | ||
proxy_ssl_server_name on; | ||
proxy_cache webapp_cache; | ||
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504; | ||
proxy_cache_key $uri$is_args$args$http_language; | ||
proxy_hide_header Access-Control-Allow-Origin; | ||
if ($http_origin ~* "^https?://($ALLOW_LIST)$") { | ||
add_header Access-Control-Allow-Origin *; | ||
} | ||
if ($request_method = 'PURGE') { | ||
add_header Access-Control-Allow-Origin *; | ||
} | ||
add_header X-Cache-Status $upstream_cache_status; | ||
add_header Access-Control-Allow-Headers 'Content-Type, X-Language, X-JurisdictionName, Authorization'; | ||
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS, PUT, DELETE, PURGE'; | ||
proxy_pass $PROTOCOL://$BACKEND_HOSTNAME; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters