Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update CORS configuration #578

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Update CORS configuration #578

wants to merge 2 commits into from

Conversation

dennisvang
Copy link
Contributor

@dennisvang dennisvang commented Nov 1, 2024
edited
Loading

Replaces legacy CORSFilter implementation by modern configuration based on CorsRegistry.

This uses the same CORS settings as the original implementation, viz. allow all origins.

I did not check if it is desirable and/or safe to keep those settings. May be a good idea to review that choice.

fixes #549

@dennisvang dennisvang changed the title update to CORS configuration update to modern CORS configuration Nov 1, 2024
@dennisvang dennisvang changed the title update to modern CORS configuration modern CORS configuration Nov 1, 2024
@dennisvang dennisvang changed the title modern CORS configuration updated CORS configuration Nov 4, 2024
@dennisvang dennisvang added this to the release 2.0 milestone Nov 12, 2024
@dennisvang dennisvang marked this pull request as ready for review December 2, 2024 11:08
@MarekSuchanek
Copy link
Contributor

@dennisvang could you please rebase based on the updated develop where dependencies were updated (so it should also pass the security checks) and check it still works as desired?

Also, are you OK to switch from bugfix to chore? Or it was not working properly before the change?

@MarekSuchanek MarekSuchanek changed the title updated CORS configuration Update CORS configuration Jan 20, 2025
@dennisvang
Copy link
Contributor Author

@dennisvang could you please rebase based on the updated develop where dependencies were updated (so it should also pass the security checks) and check it still works as desired?

Hi @MarekSuchanek thanks for picking this up. I'll rebase a.s.a.p.

Also, are you OK to switch from bugfix to chore? Or it was not working properly before the change?

The change was prompted by #549 so I guess bugfix would apply.

@dennisvang
Copy link
Contributor Author

@MarekSuchanek The Snyk Maven check keeps failing to authenticate, for some unknown reason. The PR does not change anything related to github actions. Any ideas?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MarekSuchanek MarekSuchanek Awaiting requested review from MarekSuchanek

Assignees
No one assigned
Labels
bugfix
Projects
None yet
Milestone
release 2.0
Development

Successfully merging this pull request may close these issues.

v1.17.1: cannot login from client? [CORS header ‘Access-Control-Allow-Origin’ missing?]
2 participants
@dennisvang @MarekSuchanek