-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
routes: changes required to do browser authentication #429
Conversation
f63c259
to
22484ff
Compare
Codecov Report
@@ Coverage Diff @@
## main #429 +/- ##
==========================================
+ Coverage 83.73% 83.77% +0.04%
==========================================
Files 49 49
Lines 10168 10194 +26
==========================================
+ Hits 8514 8540 +26
Misses 1294 1294
Partials 360 360
Continue to review full report at Codecov.
|
cb4efa0
to
078bc2d
Compare
078bc2d
to
85d194b
Compare
85d194b
to
e8cab22
Compare
e8cab22
to
f47115c
Compare
4fc26b3
to
59b6176
Compare
59b6176
to
6506208
Compare
whenever we make a request that contains header apart from CORS allowed header, browser sends a preflight request and in response accept *Access-Control-Allow-Headers*. preflight request is in form of OPTIONS method, added new http handler func to set headers and returns HTTP status ok in case of OPTIONS method. in case of authorization, request contains authorization header added authorization header in Access-Control-Allow-Headers list added AllowOrigin field in HTTPConfig this field value is set to Access-Control-Allow-Origin header and will give zot adminstrator to limit incoming request. Signed-off-by: Shivam Mishra <shimish2@cisco.com>
6506208
to
9f19eac
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
whenever we make a request that contains header apart from CORS allowed header, browser sends a preflight request
and in response accept Access-Control-Allow-Headers.
preflight request is in form of OPTIONS method, added new http handler func to set headers
and returns HTTP status ok in case of OPTIONS method.
in case of authorization, request contains authorization header
added authorization header in Access-Control-Allow-Headers list
added AllowOrigin field in HTTPConfig this field value is set to Access-Control-Allow-Origin header and will give zot adminstrator to limit incoming request.
Signed-off-by: Shivam Mishra shimish2@cisco.com
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.