Fix default CORS settings. (#7387)
* Fix default CORS settings. * Add info regarding special options.
This commit is contained in:
parent
eb1bb8f5bd
commit
26e4fc680c
@ -466,9 +466,9 @@ usage! {
|
||||
"--jsonrpc-threads=[THREADS]",
|
||||
"Turn on additional processing threads in all RPC servers. Setting this to non-zero value allows parallel cpu-heavy queries execution.",
|
||||
|
||||
ARG arg_jsonrpc_cors: (Option<String>) = None, or |c: &Config| otry!(c.rpc).cors.clone(),
|
||||
ARG arg_jsonrpc_cors: (String) = "none", or |c: &Config| otry!(c.rpc).cors.as_ref().map(|vec| vec.join(",")),
|
||||
"--jsonrpc-cors=[URL]",
|
||||
"Specify CORS header for JSON-RPC API responses.",
|
||||
"Specify CORS header for JSON-RPC API responses. Special options: \"all\", \"none\".",
|
||||
|
||||
ARG arg_jsonrpc_server_threads: (Option<usize>) = None, or |c: &Config| otry!(c.rpc).server_threads,
|
||||
"--jsonrpc-server-threads=[NUM]",
|
||||
@ -538,9 +538,9 @@ usage! {
|
||||
"--ipfs-api-hosts=[HOSTS]",
|
||||
"List of allowed Host header values. This option will validate the Host header sent by the browser, it is additional security against some attack vectors. Special options: \"all\", \"none\".",
|
||||
|
||||
ARG arg_ipfs_api_cors: (Option<String>) = None, or |c: &Config| otry!(c.ipfs).cors.clone(),
|
||||
ARG arg_ipfs_api_cors: (String) = "none", or |c: &Config| otry!(c.ipfs).cors.as_ref().map(|vec| vec.join(",")),
|
||||
"--ipfs-api-cors=[URL]",
|
||||
"Specify CORS header for IPFS API responses.",
|
||||
"Specify CORS header for IPFS API responses. Special options: \"all\", \"none\".",
|
||||
|
||||
["Secret store options"]
|
||||
FLAG flag_no_secretstore: (bool) = false, or |c: &Config| otry!(c.secretstore).disable.clone(),
|
||||
@ -1052,7 +1052,7 @@ struct Rpc {
|
||||
disable: Option<bool>,
|
||||
port: Option<u16>,
|
||||
interface: Option<String>,
|
||||
cors: Option<String>,
|
||||
cors: Option<Vec<String>>,
|
||||
apis: Option<Vec<String>>,
|
||||
hosts: Option<Vec<String>>,
|
||||
server_threads: Option<usize>,
|
||||
@ -1108,7 +1108,7 @@ struct Ipfs {
|
||||
enable: Option<bool>,
|
||||
port: Option<u16>,
|
||||
interface: Option<String>,
|
||||
cors: Option<String>,
|
||||
cors: Option<Vec<String>>,
|
||||
hosts: Option<Vec<String>>,
|
||||
}
|
||||
|
||||
@ -1468,7 +1468,7 @@ mod tests {
|
||||
flag_no_jsonrpc: false,
|
||||
arg_jsonrpc_port: 8545u16,
|
||||
arg_jsonrpc_interface: "local".into(),
|
||||
arg_jsonrpc_cors: Some("null".into()),
|
||||
arg_jsonrpc_cors: "null".into(),
|
||||
arg_jsonrpc_apis: "web3,eth,net,parity,traces,rpc,secretstore".into(),
|
||||
arg_jsonrpc_hosts: "none".into(),
|
||||
arg_jsonrpc_server_threads: None,
|
||||
@ -1507,7 +1507,7 @@ mod tests {
|
||||
flag_ipfs_api: false,
|
||||
arg_ipfs_api_port: 5001u16,
|
||||
arg_ipfs_api_interface: "local".into(),
|
||||
arg_ipfs_api_cors: Some("null".into()),
|
||||
arg_ipfs_api_cors: "null".into(),
|
||||
arg_ipfs_api_hosts: "none".into(),
|
||||
|
||||
// -- Sealing/Mining Options
|
||||
|
@ -49,7 +49,7 @@ reserved_peers = "./path_to_file"
|
||||
disable = false
|
||||
port = 8545
|
||||
interface = "local"
|
||||
cors = "null"
|
||||
cors = ["null"]
|
||||
apis = ["web3", "eth", "net", "parity", "traces", "rpc", "secretstore"]
|
||||
hosts = ["none"]
|
||||
|
||||
@ -91,7 +91,7 @@ path = "$HOME/.parity/secretstore"
|
||||
enable = false
|
||||
port = 5001
|
||||
interface = "local"
|
||||
cors = "null"
|
||||
cors = ["null"]
|
||||
hosts = ["none"]
|
||||
|
||||
[mining]
|
||||
|
@ -775,13 +775,19 @@ impl Configuration {
|
||||
apis.join(",")
|
||||
}
|
||||
|
||||
fn cors(cors: Option<&String>) -> Option<Vec<String>> {
|
||||
cors.map(|ref c| c.split(',').map(Into::into).collect())
|
||||
fn cors(cors: &str) -> Option<Vec<String>> {
|
||||
match cors {
|
||||
"none" => return Some(Vec::new()),
|
||||
"*" | "all" | "any" => return None,
|
||||
_ => {},
|
||||
}
|
||||
|
||||
Some(cors.split(',').map(Into::into).collect())
|
||||
}
|
||||
|
||||
fn rpc_cors(&self) -> Option<Vec<String>> {
|
||||
let cors = self.args.arg_jsonrpc_cors.as_ref().or(self.args.arg_rpccorsdomain.as_ref());
|
||||
Self::cors(cors)
|
||||
let cors = self.args.arg_rpccorsdomain.clone().unwrap_or_else(|| self.args.arg_jsonrpc_cors.to_owned());
|
||||
Self::cors(&cors)
|
||||
}
|
||||
|
||||
fn ipfs_cors(&self) -> Option<Vec<String>> {
|
||||
@ -1458,7 +1464,7 @@ mod tests {
|
||||
assert_eq!(net.rpc_enabled, true);
|
||||
assert_eq!(net.rpc_interface, "0.0.0.0".to_owned());
|
||||
assert_eq!(net.rpc_port, 8000);
|
||||
assert_eq!(conf.rpc_cors(), Some(vec!["*".to_owned()]));
|
||||
assert_eq!(conf.rpc_cors(), None);
|
||||
assert_eq!(conf.rpc_apis(), "web3,eth".to_owned());
|
||||
}
|
||||
|
||||
@ -1525,8 +1531,8 @@ mod tests {
|
||||
let conf2 = parse(&["parity", "--ipfs-api-cors", "http://parity.io,http://something.io"]);
|
||||
|
||||
// then
|
||||
assert_eq!(conf0.ipfs_cors(), None);
|
||||
assert_eq!(conf1.ipfs_cors(), Some(vec!["*".into()]));
|
||||
assert_eq!(conf0.ipfs_cors(), Some(vec![]));
|
||||
assert_eq!(conf1.ipfs_cors(), None);
|
||||
assert_eq!(conf2.ipfs_cors(), Some(vec!["http://parity.io".into(),"http://something.io".into()]));
|
||||
}
|
||||
|
||||
|
@ -34,8 +34,8 @@ impl Default for Configuration {
|
||||
enabled: false,
|
||||
port: 5001,
|
||||
interface: "127.0.0.1".into(),
|
||||
cors: None,
|
||||
hosts: Some(Vec::new()),
|
||||
cors: Some(vec![]),
|
||||
hosts: Some(vec![]),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -59,8 +59,8 @@ impl Default for HttpConfiguration {
|
||||
interface: "127.0.0.1".into(),
|
||||
port: 8545,
|
||||
apis: ApiSet::UnsafeContext,
|
||||
cors: None,
|
||||
hosts: Some(Vec::new()),
|
||||
cors: Some(vec![]),
|
||||
hosts: Some(vec![]),
|
||||
server_threads: 1,
|
||||
processing_threads: 4,
|
||||
}
|
||||
@ -98,7 +98,7 @@ impl From<UiConfiguration> for HttpConfiguration {
|
||||
interface: conf.interface,
|
||||
port: conf.port,
|
||||
apis: rpc_apis::ApiSet::UnsafeContext,
|
||||
cors: None,
|
||||
cors: Some(vec![]),
|
||||
hosts: conf.hosts,
|
||||
server_threads: 1,
|
||||
processing_threads: 0,
|
||||
|
Loading…
Reference in New Issue
Block a user