realloc/frostfs-s3-gw
1
0
Fork 0
forked from TrueCloudLab/frostfs-s3-gw
Code Issues Pull requests Projects Releases Packages Wiki Activity

[#672] Support wildcard in allowed origins and headers

Browse source 
Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
This commit is contained in:
Marina Biryukova 2025-03-31 14:42:59 +03:00
parent 2ad2531d3a
commit e45c1a2188
6 changed files with 724 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

13
api/layer/cors.go
View file

@ -7,6 +7,7 @@ import (
"errors"
"fmt"
"io"
"strings"
"git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
@ -173,13 +174,23 @@ func (n *Layer) deleteCORSVersions(ctx context.Context, bktInfo *data.BucketInfo
func checkCORS(cors *data.CORSConfiguration) error {
for _, r := range cors.CORSRules {
for _, o := range r.AllowedOrigins {
if strings.Count(o, "*") > 1 {
return apierr.GetAPIError(apierr.ErrCORSWildcardsAllowedOrigins)
}
}
for _, h := range r.AllowedHeaders {
if strings.Count(h, "*") > 1 {
return apierr.GetAPIError(apierr.ErrCORSWildcardsAllowedHeaders)
}
}
for _, m := range r.AllowedMethods {
if _, ok := supportedMethods[m]; !ok {
return apierr.GetAPIErrorWithError(apierr.ErrCORSUnsupportedMethod, fmt.Errorf("unsupported method is %s", m))
}
}
for _, h := range r.ExposeHeaders {
if h == wildcard {
if strings.Contains(h, wildcard) {
return apierr.GetAPIError(apierr.ErrCORSWildcardExposeHeaders)
}
}