grassrootseconomics/openethereum
7
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Echo CORS request headers by default (#10221)

Browse Source 
* Echo CORS request headers by default

More details in https://github.com/paritytech/parity-ethereum/issues/6616.

* fixup: Single line
This commit is contained in:
Michael Müller 2019-01-21 11:30:24 +01:00 committed by Andrew Jones
parent 708e495c28
commit 940a88fa4e
3 changed files with 31 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ethcore/res/ethereum/tests

@ -1 +1 @@
Subproject commit 420f443477caa8516f1f9ee8122fafc3415c0f34 Subproject commit 2cd62aeec11da29766b30d500f2b9a96f1f28cf0

4
rpc/src/lib.rs
View File

@ -114,7 +114,7 @@ pub use ipc::{Server as IpcServer, MetaExtractor as IpcMetaExtractor, RequestCon
pub use http::{ pub use http::{
hyper, hyper,
RequestMiddleware, RequestMiddlewareAction, RequestMiddleware, RequestMiddlewareAction,
AccessControlAllowOrigin, Host, DomainsValidation AccessControlAllowOrigin, Host, DomainsValidation, cors::AccessControlAllowHeaders
}; };
pub use v1::{NetworkSettings, Metadata, Origin, informant, dispatch, signer}; pub use v1::{NetworkSettings, Metadata, Origin, informant, dispatch, signer};
@ -151,6 +151,7 @@ pub fn start_http<M, S, H, T>(
.cors(cors_domains.into()) .cors(cors_domains.into())
.allowed_hosts(allowed_hosts.into()) .allowed_hosts(allowed_hosts.into())
.health_api(("/api/health", "parity_nodeStatus")) .health_api(("/api/health", "parity_nodeStatus"))
.cors_allow_headers(AccessControlAllowHeaders::Any)
.max_request_body_size(max_payload * 1024 * 1024) .max_request_body_size(max_payload * 1024 * 1024)
.start_http(addr)?) .start_http(addr)?)
} }
@ -180,6 +181,7 @@ pub fn start_http_with_middleware<M, S, H, T, R>(
.threads(threads) .threads(threads)
.cors(cors_domains.into()) .cors(cors_domains.into())
.allowed_hosts(allowed_hosts.into()) .allowed_hosts(allowed_hosts.into())
.cors_allow_headers(AccessControlAllowHeaders::Any)
.max_request_body_size(max_payload * 1024 * 1024) .max_request_body_size(max_payload * 1024 * 1024)
.request_middleware(middleware) .request_middleware(middleware)
.start_http(addr)?) .start_http(addr)?)

27
rpc/src/tests/rpc.rs
View File

@ -116,4 +116,31 @@ mod tests {
res.assert_status("HTTP/1.1 200 OK"); res.assert_status("HTTP/1.1 200 OK");
assert_eq!(res.body, expected); assert_eq!(res.body, expected);
} }
#[test]
fn should_respond_valid_to_any_requested_header() {
// given
let (server, address) = serve();
let headers = "Something, Anything, Xyz, 123, _?";
// when
let res = request(server,
&format!("\
OPTIONS / HTTP/1.1\r\n\
Host: {}\r\n\
Origin: http://parity.io\r\n\
Content-Length: 0\r\n\
Content-Type: application/json\r\n\
Connection: close\r\n\
Access-Control-Request-Headers: {}\r\n\
\r\n\
", address, headers)
);
// then
assert_eq!(res.status, "HTTP/1.1 200 OK".to_owned());
let expected = format!("access-control-allow-headers: {}", headers);
assert!(res.headers.contains(&expected), "Headers missing in {:?}", res.headers);
}
} }