Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CORS middleware: better handling of Origin #318

Merged
merged 3 commits into from
Aug 26, 2019
Merged

CORS middleware: better handling of Origin #318

merged 3 commits into from
Aug 26, 2019

Conversation

Ivshti
Copy link
Contributor

@Ivshti Ivshti commented Aug 25, 2019
edited
Loading

no origin header should be treated as an empty origin header

otherwise, simple HTTP requests like ones made with curl will fail with 400 bad request

Pretty much any other framework/server treats the absence of an origin header the same as empty origin header

Description

Passing no origin header should be treated as an empty origin header

otherwise, simple HTTP requests like ones made with curl will fail with 400 bad request

Pretty much any other framework/server treats the absence of an origin header the same as empty origin header

Motivation and Context

Fixes simple HTTP requests, such as ones made with curl

How Has This Been Tested?

curl localhost:8000

curl -H 'Origin: something.com' localhost:8000

And to test the cases where it should be rejected, just set the origin to something and then see if any other origin will be rejected

Types of changes

  • changed src/middleware.rs to apply the change

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@Ivshti Ivshti mentioned this pull request Aug 25, 2019
Open
@tirr-c tirr-c merged commit 67e9191 into http-rs:master Aug 26, 2019
@yoshuawuyts yoshuawuyts mentioned this pull request Oct 31, 2019
Closed
yoshuawuyts added a commit that referenced this pull request Nov 3, 2019
@yoshuawuyts
better cors origin handling #318
ea8d87d 
Signed-off-by: Yoshua Wuyts <yoshuawuyts@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tirr-c tirr-c tirr-c approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Ivshti @tirr-c