-
Notifications
You must be signed in to change notification settings - Fork 1.3k
[proxy] Enable CORS for api.<domain> from https://<domain> origin #13743
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
started the job as gitpod-build-mp-proxy-cors-allowed-origins-config.1 because the annotations in the pull request description changed |
f44ef93
to
66c696b
Compare
66c696b
to
a62d94b
Compare
Trying to come up with a negative test (waiting for preview env)... |
Negative is here:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code LGTM, tested and works ☑️
Jep that one worked, was looking for testing with a previous commit, without any of these changes. but worked as well. 👍 |
Description
Extends our CORS plugin configuration to specify AllowedOrigins. This is done because the
BaseDomain
subdirective does not work (see #13740 for why), and in this case because we're enabling the cors for the sub-domain (api.) but allowing traffic from the root domain, we cannot use theBaseDomain
directive anyway.Related Issue(s)
How to test
Test we get the expected
Access-Control-Allow-*
headers when Origin is GITPOD_DOMAINTest that no CORS are present when Origin does not match
Release Notes
Documentation
Werft options:
If enabled this will build
install/preview
Valid options are
all
,workspace
,webapp
,ide