feat(core): cors config #746

pflynn-virtru · 2024-05-06T16:52:23Z

Introduces configuration via opentdf.yaml for CORS

  cors:
    enabled: false
    # '*' to allow any origin or a specific domain like 'https://yourdomain.com'
    allowedorigins: '*'
    # List of methods. Examples: 'GET,POST,PUT'
    allowedmethods:
      - GET
      - POST
      - PATCH
      - PUT
      - DELETE
      - OPTIONS
    # List of headers that are allowed in a request
    allowedheaders:
      - ACCEPT
      - Authorization
      - Content-Type
      - X-CSRF-Token
    # List of response headers that browsers are allowed to access
    exposedheaders:
      - Link
    # Sets whether credentials are included in the CORS request
    allowcredentials: true
    # Sets the maximum age (in seconds) of a specific CORS preflight request
    maxage: 3600

resolves #305

opentdf-dev.yaml

jrschumacher · 2024-05-07T18:26:41Z

opentdf-example.yaml

+  cors:
+    enabled: false
+    # '*' to allow any origin or a specific domain like 'https://yourdomain.com'
+    allowedorigins: '*'


@pflynn-virtru having a wildcard in the example is a footgun IMO. I would advise using localhost:* if we wanted any kind of default value that would be convenient for developers.

🤖 I have created a release *beep* *boop* --- ## [0.4.1](service/v0.4.0...service/v0.4.1) (2024-05-07) ### Features * **core:** cors config ([#746](#746)) ([3433b5b](3433b5b)) * **core:** Service Level Child Loggers ([#740](#740)) ([aa0f210](aa0f210)) * **ers:** Create entity resolution service, replace idp plugin ([#660](#660)) ([ff44112](ff44112)) * **sdk:** insecure plaintext and skip verify conn ([#670](#670)) ([5c94d02](5c94d02)) ### Bug Fixes * **core:** Fix Lint ([#714](#714)) ([2b0cb09](2b0cb09)), closes [#701](#701) * **core:** Fix several misspellings ([#738](#738)) ([8d61db3](8d61db3)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com>

🤖 I have created a release *beep* *boop* --- ## [0.4.1](opentdf/platform@service/v0.4.0...service/v0.4.1) (2024-05-07) ### Features * **core:** cors config ([#746](opentdf/platform#746)) ([3433b5b](opentdf/platform@3433b5b)) * **core:** Service Level Child Loggers ([#740](opentdf/platform#740)) ([aa0f210](opentdf/platform@aa0f210)) * **ers:** Create entity resolution service, replace idp plugin ([#660](opentdf/platform#660)) ([ff44112](opentdf/platform@ff44112)) * **sdk:** insecure plaintext and skip verify conn ([#670](opentdf/platform#670)) ([5c94d02](opentdf/platform@5c94d02)) ### Bug Fixes * **core:** Fix Lint ([#714](opentdf/platform#714)) ([2b0cb09](opentdf/platform@2b0cb09)), closes [#701](opentdf/platform#701) * **core:** Fix several misspellings ([#738](opentdf/platform#738)) ([8d61db3](opentdf/platform@8d61db3)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com>

pflynn-virtru added 2 commits May 6, 2024 11:38

feat(service): cors config

9f10ef1

feat(service): cors config

d764768

pflynn-virtru linked an issue May 6, 2024 that may be closed by this pull request

make cors configurable #305

Closed

pflynn-virtru changed the title ~~305 make cors configurable~~ feat(service): cors config May 6, 2024

pflynn-virtru and others added 2 commits May 6, 2024 15:03

feat(core): cors config

5fed1cb

Merge branch 'main' into 305-make-cors-configurable

2ef452e

pflynn-virtru changed the title ~~feat(service): cors config~~ feat(core): cors config May 7, 2024

feat(core): lint

43da2d2

pflynn-virtru marked this pull request as ready for review May 7, 2024 15:13

pflynn-virtru requested a review from a team as a code owner May 7, 2024 15:13

pflynn-virtru and others added 4 commits May 7, 2024 13:18

Merge branch 'main' into 305-make-cors-configurable

de2e17a

feat(core): enabled

776a40b

feat(core): revert

8fb7080

feat(core): lint

b6c15d3

dmihalcik-virtru reviewed May 7, 2024

View reviewed changes

opentdf-dev.yaml Show resolved Hide resolved

patmantru approved these changes May 7, 2024

View reviewed changes

Merge branch 'main' into 305-make-cors-configurable

464bac9

pflynn-virtru enabled auto-merge May 7, 2024 18:12

pflynn-virtru added this pull request to the merge queue May 7, 2024

Merged via the queue into main with commit 3433b5b May 7, 2024
16 checks passed

pflynn-virtru deleted the 305-make-cors-configurable branch May 7, 2024 18:22

opentdf-automation bot mentioned this pull request May 7, 2024

chore(main): release service 0.4.1 #728

Merged

jrschumacher reviewed May 7, 2024

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(core): cors config #746

feat(core): cors config #746

pflynn-virtru commented May 6, 2024 •

edited

jrschumacher May 7, 2024

feat(core): cors config #746

feat(core): cors config #746

Conversation

pflynn-virtru commented May 6, 2024 • edited

jrschumacher May 7, 2024

Choose a reason for hiding this comment

pflynn-virtru commented May 6, 2024 •

edited