fix apigw data plane service matching (#10682)

localstack · Apr 17, 2024 · 01b9d17 · 01b9d17
1 parent 451968f
commit 01b9d17
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 14 deletions.
diff --git a/localstack/aws/handlers/cors.py b/localstack/aws/handlers/cors.py
@@ -145,19 +145,19 @@ def should_enforce_self_managed_service(context: RequestContext) -> bool:
                     the targeting service
     :return: True if the CORS rules should be enforced in here.
     """
-    if config.DISABLE_CUSTOM_CORS_S3 and config.DISABLE_CUSTOM_CORS_APIGATEWAY:
-        return True
     # allow only certain api calls without checking origin
-    if context.service:
-        service_name = context.service.service_name
-        if not config.DISABLE_CUSTOM_CORS_S3 and service_name == "s3":
+    if not config.DISABLE_CUSTOM_CORS_S3:
+        if context.service and context.service.service_name == "s3":
             return False
-        if not config.DISABLE_CUSTOM_CORS_APIGATEWAY and service_name == "apigateway":
-            is_user_request = (
-                PATH_USER_REQUEST in context.request.path or ".execute-api." in context.request.host
-            )
-            if is_user_request:
-                return False
+
+    if not config.DISABLE_CUSTOM_CORS_APIGATEWAY:
+        # we don't check for service_name == "apigw" here because ``.execute-api.`` can be either apigw v1 or v2
+        is_user_request = (
+            ".execute-api." in context.request.host or PATH_USER_REQUEST in context.request.path
+        )
+        if is_user_request:
+            return False
+
     return True
 
 

diff --git a/localstack/aws/protocol/service_router.py b/localstack/aws/protocol/service_router.py
@@ -140,10 +140,13 @@ def custom_host_addressing_rules(host: str) -> Optional[ServiceModelIdentifier]:
     """
     Rules based on the host header of the request, which is typically the data plane of a service.
 
-    # TODO: ELB, AppSync, CloudFront, ...
+    Some services are added through a patch in ext.
     """
-    if ".execute-api." in host:
-        return ServiceModelIdentifier("apigateway")
+
+    # a note on ``.execute-api.`` and why it shouldn't be added as a check here: ``.execute-api.`` was previously
+    # mapped distinctly to ``apigateway``, but this assumption is too strong, since the URL can be apigw v1, v2,
+    # or apigw management api. so in short, simply based on the host header, it's not possible to unambiguously
+    # associate a specific apigw service to the request.
 
     if ".lambda-url." in host:
         return ServiceModelIdentifier("lambda")