Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security: Add regular expression support to CORS for easier matching #6891

Closed
spinscale opened this Issue Jul 16, 2014 · 2 comments

Comments

Projects
None yet
2 participants
@spinscale
Copy link
Member

spinscale commented Jul 16, 2014

In order to support CORS better, we should add an option to also match a regular expression instead of the current options when returning the Access-Control-Allow-Origin first.

@s1monw s1monw removed the v1.4.0 label Jul 16, 2014

@s1monw

This comment has been minimized.

Copy link
Contributor

s1monw commented Jul 18, 2014

@spinscale ping what is the status of this?

@spinscale

This comment has been minimized.

Copy link
Member Author

spinscale commented Jul 18, 2014

@s1monw waiting for a final test by @rashidkpc but I just created #6923 so maybe you can have a code review, especially to make sure I didnt introduce a performance penalty by trying to compile the regular expression more often than necessary

@s1monw s1monw added v1.4.0 and removed blocker labels Jul 21, 2014

@clintongormley clintongormley changed the title CORS: Add regular expression support for easier matching Security: Add regular expression support to CORS for easier matching Jul 21, 2014

spinscale added a commit to spinscale/elasticsearch that referenced this issue Jul 25, 2014

CORS: Support regular expressions for origin to match against
This commit adds regular expression support for the allow-origin
header depending on the value of the request `Origin` header.

The existing HttpRequestBuilder is also extended to support the
OPTIONS HTTP method.

Relates elastic#5601
Closes elastic#6891

spinscale added a commit that referenced this issue Jul 25, 2014

CORS: Support regular expressions for origin to match against
This commit adds regular expression support for the allow-origin
header depending on the value of the request `Origin` header.

The existing HttpRequestBuilder is also extended to support the
OPTIONS HTTP method.

Relates #5601
Closes #6891
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.