grassrootseconomics/openethereum
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix default CORS settings. (#7387)

Browse Source 
* Fix default CORS settings.

* Add info regarding special options.
This commit is contained in:
Tomasz Drwięga 2017-12-27 18:56:06 +01:00 committed by Arkadiy Paronyan
parent eb1bb8f5bd
commit 26e4fc680c
5 changed files with 29 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
parity/cli/mod.rs
View File

@ -466,9 +466,9 @@ usage! {
"--jsonrpc-threads=[THREADS]", "--jsonrpc-threads=[THREADS]",
"Turn on additional processing threads in all RPC servers. Setting this to non-zero value allows parallel cpu-heavy queries execution.", "Turn on additional processing threads in all RPC servers. Setting this to non-zero value allows parallel cpu-heavy queries execution.",
ARG arg_jsonrpc_cors: (Option<String>) = None, or |c: &Config| otry!(c.rpc).cors.clone(), ARG arg_jsonrpc_cors: (String) = "none", or |c: &Config| otry!(c.rpc).cors.as_ref().map(|vec| vec.join(",")),
"--jsonrpc-cors=[URL]", "--jsonrpc-cors=[URL]",
"Specify CORS header for JSON-RPC API responses.", "Specify CORS header for JSON-RPC API responses. Special options: \"all\", \"none\".",
ARG arg_jsonrpc_server_threads: (Option<usize>) = None, or |c: &Config| otry!(c.rpc).server_threads, ARG arg_jsonrpc_server_threads: (Option<usize>) = None, or |c: &Config| otry!(c.rpc).server_threads,
"--jsonrpc-server-threads=[NUM]", "--jsonrpc-server-threads=[NUM]",
@ -538,9 +538,9 @@ usage! {
"--ipfs-api-hosts=[HOSTS]", "--ipfs-api-hosts=[HOSTS]",
"List of allowed Host header values. This option will validate the Host header sent by the browser, it is additional security against some attack vectors. Special options: \"all\", \"none\".", "List of allowed Host header values. This option will validate the Host header sent by the browser, it is additional security against some attack vectors. Special options: \"all\", \"none\".",
ARG arg_ipfs_api_cors: (Option<String>) = None, or |c: &Config| otry!(c.ipfs).cors.clone(), ARG arg_ipfs_api_cors: (String) = "none", or |c: &Config| otry!(c.ipfs).cors.as_ref().map(|vec| vec.join(",")),
"--ipfs-api-cors=[URL]", "--ipfs-api-cors=[URL]",
"Specify CORS header for IPFS API responses.", "Specify CORS header for IPFS API responses. Special options: \"all\", \"none\".",
["Secret store options"] ["Secret store options"]
FLAG flag_no_secretstore: (bool) = false, or |c: &Config| otry!(c.secretstore).disable.clone(), FLAG flag_no_secretstore: (bool) = false, or |c: &Config| otry!(c.secretstore).disable.clone(),
@ -1052,7 +1052,7 @@ struct Rpc {
disable: Option<bool>, disable: Option<bool>,
port: Option<u16>, port: Option<u16>,
interface: Option<String>, interface: Option<String>,
cors: Option<String>, cors: Option<Vec<String>>,
apis: Option<Vec<String>>, apis: Option<Vec<String>>,
hosts: Option<Vec<String>>, hosts: Option<Vec<String>>,
server_threads: Option<usize>, server_threads: Option<usize>,
@ -1108,7 +1108,7 @@ struct Ipfs {
enable: Option<bool>, enable: Option<bool>,
port: Option<u16>, port: Option<u16>,
interface: Option<String>, interface: Option<String>,
cors: Option<String>, cors: Option<Vec<String>>,
hosts: Option<Vec<String>>, hosts: Option<Vec<String>>,
} }
@ -1468,7 +1468,7 @@ mod tests {
flag_no_jsonrpc: false, flag_no_jsonrpc: false,
arg_jsonrpc_port: 8545u16, arg_jsonrpc_port: 8545u16,
arg_jsonrpc_interface: "local".into(), arg_jsonrpc_interface: "local".into(),
arg_jsonrpc_cors: Some("null".into()), arg_jsonrpc_cors: "null".into(),
arg_jsonrpc_apis: "web3,eth,net,parity,traces,rpc,secretstore".into(), arg_jsonrpc_apis: "web3,eth,net,parity,traces,rpc,secretstore".into(),
arg_jsonrpc_hosts: "none".into(), arg_jsonrpc_hosts: "none".into(),
arg_jsonrpc_server_threads: None, arg_jsonrpc_server_threads: None,
@ -1507,7 +1507,7 @@ mod tests {
flag_ipfs_api: false, flag_ipfs_api: false,
arg_ipfs_api_port: 5001u16, arg_ipfs_api_port: 5001u16,
arg_ipfs_api_interface: "local".into(), arg_ipfs_api_interface: "local".into(),
arg_ipfs_api_cors: Some("null".into()), arg_ipfs_api_cors: "null".into(),
arg_ipfs_api_hosts: "none".into(), arg_ipfs_api_hosts: "none".into(),
// -- Sealing/Mining Options // -- Sealing/Mining Options

4
parity/cli/tests/config.full.toml
View File

@ -49,7 +49,7 @@ reserved_peers = "./path_to_file"
disable = false disable = false
port = 8545 port = 8545
interface = "local" interface = "local"
cors = "null" cors = ["null"]
apis = ["web3", "eth", "net", "parity", "traces", "rpc", "secretstore"] apis = ["web3", "eth", "net", "parity", "traces", "rpc", "secretstore"]
hosts = ["none"] hosts = ["none"]
@ -91,7 +91,7 @@ path = "$HOME/.parity/secretstore"
enable = false enable = false
port = 5001 port = 5001
interface = "local" interface = "local"
cors = "null" cors = ["null"]
hosts = ["none"] hosts = ["none"]
[mining] [mining]

20
parity/configuration.rs
View File

@ -775,13 +775,19 @@ impl Configuration {
apis.join(",") apis.join(",")
} }
fn cors(cors: Option<&String>) -> Option<Vec<String>> { fn cors(cors: &str) -> Option<Vec<String>> {
cors.map(|ref c| c.split(',').map(Into::into).collect()) match cors {
"none" => return Some(Vec::new()),
"*" | "all" | "any" => return None,
_ => {},
}
Some(cors.split(',').map(Into::into).collect())
} }
fn rpc_cors(&self) -> Option<Vec<String>> { fn rpc_cors(&self) -> Option<Vec<String>> {
let cors = self.args.arg_jsonrpc_cors.as_ref().or(self.args.arg_rpccorsdomain.as_ref()); let cors = self.args.arg_rpccorsdomain.clone().unwrap_or_else(|| self.args.arg_jsonrpc_cors.to_owned());
Self::cors(cors) Self::cors(&cors)
} }
fn ipfs_cors(&self) -> Option<Vec<String>> { fn ipfs_cors(&self) -> Option<Vec<String>> {
@ -1458,7 +1464,7 @@ mod tests {
assert_eq!(net.rpc_enabled, true); assert_eq!(net.rpc_enabled, true);
assert_eq!(net.rpc_interface, "0.0.0.0".to_owned()); assert_eq!(net.rpc_interface, "0.0.0.0".to_owned());
assert_eq!(net.rpc_port, 8000); assert_eq!(net.rpc_port, 8000);
assert_eq!(conf.rpc_cors(), Some(vec!["*".to_owned()])); assert_eq!(conf.rpc_cors(), None);
assert_eq!(conf.rpc_apis(), "web3,eth".to_owned()); assert_eq!(conf.rpc_apis(), "web3,eth".to_owned());
} }
@ -1525,8 +1531,8 @@ mod tests {
let conf2 = parse(&["parity", "--ipfs-api-cors", "http://parity.io,http://something.io"]); let conf2 = parse(&["parity", "--ipfs-api-cors", "http://parity.io,http://something.io"]);
// then // then
assert_eq!(conf0.ipfs_cors(), None); assert_eq!(conf0.ipfs_cors(), Some(vec![]));
assert_eq!(conf1.ipfs_cors(), Some(vec!["*".into()])); assert_eq!(conf1.ipfs_cors(), None);
assert_eq!(conf2.ipfs_cors(), Some(vec!["http://parity.io".into(),"http://something.io".into()])); assert_eq!(conf2.ipfs_cors(), Some(vec!["http://parity.io".into(),"http://something.io".into()]));
} }

4
parity/ipfs.rs
View File

@ -34,8 +34,8 @@ impl Default for Configuration {
enabled: false, enabled: false,
port: 5001, port: 5001,
interface: "127.0.0.1".into(), interface: "127.0.0.1".into(),
cors: None, cors: Some(vec![]),
hosts: Some(Vec::new()), hosts: Some(vec![]),
} }
} }
} }

6
parity/rpc.rs
View File

@ -59,8 +59,8 @@ impl Default for HttpConfiguration {
interface: "127.0.0.1".into(), interface: "127.0.0.1".into(),
port: 8545, port: 8545,
apis: ApiSet::UnsafeContext, apis: ApiSet::UnsafeContext,
cors: None, cors: Some(vec![]),
hosts: Some(Vec::new()), hosts: Some(vec![]),
server_threads: 1, server_threads: 1,
processing_threads: 4, processing_threads: 4,
} }
@ -98,7 +98,7 @@ impl From<UiConfiguration> for HttpConfiguration {
interface: conf.interface, interface: conf.interface,
port: conf.port, port: conf.port,
apis: rpc_apis::ApiSet::UnsafeContext, apis: rpc_apis::ApiSet::UnsafeContext,
cors: None, cors: Some(vec![]),
hosts: conf.hosts, hosts: conf.hosts,
server_threads: 1, server_threads: 1,
processing_threads: 0, processing_threads: 0,