Fix not configuring Origins setion to support any cross-domain requests

fanliang11 · Nov 5, 2019 · be43a8d · be43a8d
1 parent 4ae7084
commit be43a8d
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 1 deletion.
diff --git a/src/Surging.ApiGateway/Configs/gatewaySettings.json b/src/Surging.ApiGateway/Configs/gatewaySettings.json
@@ -5,7 +5,6 @@
   "TokenEndpointPath": "api/oauth2/token",
   "CacheMode": "MemoryCache", //MemoryCache or  gateway.Redis save token
   "AccessPolicy": {
-    "Origins": [ "http://127.0.0.1:1927", "http://localhost:927" ],
     "AllowAnyHeader": true,
     "AllowAnyMethod": true
   },

diff --git a/src/Surging.ApiGateway/Startup.cs b/src/Surging.ApiGateway/Startup.cs
@@ -109,6 +109,7 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
             app.UseCors(builder =>
             {
                 var policy = Core.ApiGateWay.AppConfig.Policy;
+                if(policy.Origins !=null)
                 builder.WithOrigins(policy.Origins);
                 if (policy.AllowAnyHeader)
                     builder.AllowAnyHeader();

diff --git a/src/Surging.Core/Surging.Core.Stage/StageModule.cs b/src/Surging.Core/Surging.Core.Stage/StageModule.cs
@@ -41,6 +41,7 @@ public override void Initialize(ApplicationInitializationContext context)
             {
                 context.Builder.UseCors(builder =>
                 {
+                    if(policy.Origins!=null)
                     builder.WithOrigins(policy.Origins);
                     if (policy.AllowAnyHeader)
                         builder.AllowAnyHeader();