Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modifying CORS values on D8/D9 #1597

Open
VangelisP opened this issue Nov 9, 2021 · 8 comments
Open

Modifying CORS values on D8/D9 #1597

VangelisP opened this issue Nov 9, 2021 · 8 comments
Labels
status - needs work type - feature request

Comments

@VangelisP
Copy link

Hi there!

With Drupal 7, when we wanted to modify CORS values, we were using the CORS module. On Drupal 8/9 , this module is not existing anymore since the task can be done via core. The way they suggest to do it is by using the /sites/default/services.yml.

Example references:

I am aware that modifying the /sites/default/services.yml in this stack is forbidden (besides the fact that the default folder is being removed) and I do understand that.

I did find something described here but that relates mainly to debugging the theme by using the development.services.yml .

Is there a way to reconfigure the CORS headers by using some sort of services.yml on a per-site basis?

Would creating a new file services.yml and adding the configuration work ? Is it the proper way ?
I tried that and i didn't see any changes to the behaviour so far (unless i messed up with the parameters).

Thanks!
@VangelisP
Copy link
Author

Hi @omega8cc team. It seems that we managed to get it working.

The steps to make it happen are the following:

  1. On the site's folder, touch modules/local-allow.info and then Reset password via the Aegir UI. This will allow us to edit the content of local.settings.php
  2. On the local.settings.php (that is now writeable), edit it and add the following line: $settings['container_yamls'][] = __DIR__ . '/private/services.yml';
  3. On the folder sites/sitename/private, add your services.yml
    You should be able now to add your CORS parameters according to what you want.

Eventually, this would be good if it would move into the folder modules, in order to be harmonized with the existing boa_site_control.ini that we got already so far.

@fotiDim
Copy link

fotiDim commented Jul 3, 2023
edited
Loading

I just placed a services.yaml file in /data/disk/o1/static/MY_PLATFROM/web/sites/MY_SITE, cleaned cache and it worked. There was no services.yaml before in that path.

The contents were:

parameters:
  # Configure Cross-Site HTTP requests (CORS).
  # Read https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
  # for more information about the topic in general.
  # Note: By default the configuration is disabled.
  cors.config:
    enabled: true
    # Specify allowed headers, like 'x-allowed-header'.
    allowedHeaders: ['x-csrf-token','authorization','content-type','accept','origin','x-requested-with', 'access-control-allow-origin','x-allowed-header','*']  
    # Specify allowed request methods, specify ['*'] to allow all possible ones.
    allowedMethods: ['*']
    # Configure requests allowed from specific origins. Do not include trailing
    # slashes with URLs.
    allowedOrigins: ['*']
    # Sets the Access-Control-Expose-Headers header.
    exposedHeaders: false
    # Sets the Access-Control-Max-Age header.
    maxAge: false
    # Sets the Access-Control-Allow-Credentials header.
    supportsCredentials: false

@VangelisP
Copy link
Author

Thanks @fotiDim , however, the problem is that as a typical limited user (with the .ftp prefix), we are not allowed to write a new file inside the site's root folder.

@fotiDim
Copy link

fotiDim commented Jul 3, 2023

Thanks @fotiDim , however, the problem is that as a typical limited user (with the .ftp prefix), we are not allowed to write a new file inside the site's root folder.

@VangelisP I am self-hosting BOA so I have root access. I suppose you are using the omegacc-hosted version, right?

@VangelisP
Copy link
Author

Thanks @fotiDim , however, the problem is that as a typical limited user (with the .ftp prefix), we are not allowed to write a new file inside the site's root folder.

@VangelisP I am self-hosting BOA so I have root access. I suppose you are using the omegacc-hosted version, right?

I actually have both version, for production we use the omegacc-hosted version while for development we use an internal server with the omega8/boa stack. And while I can access as root, I would prefer if there's a way for the limited users to be able to alter this file so that my colleagues won't need to have root access.

@fotiDim
Copy link

fotiDim commented Jul 4, 2023

@VangelisP As an alternative solution I tried the cors_ui module which also worked fine for me and seems it could also fit your use case.

@omega8cc
Copy link
Owner

omega8cc commented Jul 7, 2023

There’s an old trick to make site directory writable, we just need to add it to the docs with new control file.

Sent with GitHawk

@VangelisP
Copy link
Author

@VangelisP As an alternative solution I tried the cors_ui module which also worked fine for me and seems it could also fit your use case.

That could work I suppose. I was trying to find a way to make it more flexible from a sysadmin perspective (ie the person that manages the Aegir instance only and is not being involved in Drupal development or maintaining it).

I'm also looking forward to see what omega88cc is thinking with the control file 😉

Thanks to both of you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status - needs work type - feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@omega8cc @fotiDim @VangelisP