grassrootseconomics/openethereum
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Allow specifying extra cors headers for dapps (#4710)

Browse Source
This commit is contained in:
Tomasz Drwięga
2017-03-07 17:33:28 +01:00
committed by Arkadiy Paronyan
parent ae3f85bd5b
commit 4868f758bf
8 changed files with 76 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
parity/cli/mod.rs
View File

@@ -181,6 +181,8 @@ usage! {
or |c: &Config| otry!(c.dapps).interface.clone(),
flag_dapps_hosts: String = "none",
or |c: &Config| otry!(c.dapps).hosts.as_ref().map(|vec| vec.join(",")),
flag_dapps_cors: Option<String> = None,
or |c: &Config| otry!(c.dapps).cors.clone().map(Some),
flag_dapps_path: String = "$BASE/dapps",
or |c: &Config| otry!(c.dapps).path.clone(),
flag_dapps_user: Option<String> = None,
@@ -428,6 +430,7 @@ struct Dapps {
port: Option<u16>,
interface: Option<String>,
hosts: Option<Vec<String>>,
cors: Option<String>,
path: Option<String>,
user: Option<String>,
pass: Option<String>,
@@ -674,6 +677,7 @@ mod tests {
flag_dapps_port: 8080u16,
flag_dapps_interface: "local".into(),
flag_dapps_hosts: "none".into(),
flag_dapps_cors: None,
flag_dapps_path: "$HOME/.parity/dapps".into(),
flag_dapps_user: Some("test_user".into()),
flag_dapps_pass: Some("test_pass".into()),
@@ -873,6 +877,7 @@ mod tests {
path: None,
interface: None,
hosts: None,
cors: None,
user: Some("username".into()),
pass: Some("password".into())
}),

2
parity/cli/usage.txt
View File

@@ -164,6 +164,8 @@ API and Console Options:
is additional security against some attack
vectors. Special options: "all", "none",
(default: {flag_dapps_hosts}).
--dapps-cors URL Specify CORS headers for Dapps server APIs.
(default: {flag_dapps_cors:?})
--dapps-user USERNAME Specify username for Dapps server. It will be
used in HTTP Basic Authentication Scheme.
If --dapps-pass is not specified you will be

5
parity/configuration.rs
View File

@@ -546,6 +546,7 @@ impl Configuration {
interface: self.dapps_interface(),
port: self.args.flag_dapps_port,
hosts: self.dapps_hosts(),
cors: self.dapps_cors(),
user: self.args.flag_dapps_user.clone(),
pass: self.args.flag_dapps_pass.clone(),
dapps_path: PathBuf::from(self.directories().dapps),
@@ -722,6 +723,10 @@ impl Configuration {
Self::cors(self.args.flag_ipfs_api_cors.as_ref())
}
fn dapps_cors(&self) -> Option<Vec<String>> {
Self::cors(self.args.flag_dapps_cors.as_ref())
}
fn hosts(hosts: &str) -> Option<Vec<String>> {
match hosts {
"none" => return Some(Vec::new()),

8
parity/dapps.rs
View File

@@ -33,6 +33,7 @@ pub struct Configuration {
pub interface: String,
pub port: u16,
pub hosts: Option<Vec<String>>,
pub cors: Option<Vec<String>>,
pub user: Option<String>,
pub pass: Option<String>,
pub dapps_path: PathBuf,
@@ -48,6 +49,7 @@ impl Default for Configuration {
interface: "127.0.0.1".into(),
port: 8080,
hosts: Some(Vec::new()),
cors: None,
user: None,
pass: None,
dapps_path: replace_home(&data_dir, "$BASE/dapps").into(),
@@ -93,6 +95,7 @@ pub fn new(configuration: Configuration, deps: Dependencies) -> Result<Option<We
configuration.extra_dapps,
&addr,
configuration.hosts,
configuration.cors,
auth,
configuration.all_apis,
)?))
@@ -114,6 +117,7 @@ mod server {
_extra_dapps: Vec<PathBuf>,
_url: &SocketAddr,
_allowed_hosts: Option<Vec<String>>,
_cors: Option<Vec<String>>,
_auth: Option<(String, String)>,
_all_apis: bool,
) -> Result<WebappServer, String> {
@@ -147,6 +151,7 @@ mod server {
extra_dapps: Vec<PathBuf>,
url: &SocketAddr,
allowed_hosts: Option<Vec<String>>,
cors: Option<Vec<String>>,
auth: Option<(String, String)>,
all_apis: bool,
) -> Result<WebappServer, String> {
@@ -167,7 +172,8 @@ mod server {
.web_proxy_tokens(Arc::new(move |token| signer.is_valid_web_proxy_access_token(&token)))
.extra_dapps(&extra_dapps)
.signer_address(deps.signer.address())
.allowed_hosts(allowed_hosts);
.allowed_hosts(allowed_hosts)
.extra_cors_headers(cors);
let api_set = if all_apis {
warn!("{}", Colour::Red.bold().paint("*** INSECURE *** Running Dapps with all APIs exposed."));