Deprecate field 'webCorsOrigin' but keep temporary support for it.

This commit is contained in:
Yannick Mau 2020-02-28 01:17:53 +01:00
parent 413b27a21e
commit 002b7cbf97
3 changed files with 16 additions and 8 deletions

View File

@ -3,5 +3,6 @@
"apiLogPath": null,
"webBindAddress": "127.0.0.1",
"webBindPort": 8765,
"webCorsOrigin": ["http://localhost"]
"webCorsOrigin": "http://localhost",
"webCorsOriginList": ["http://localhost"]
}

View File

@ -54,6 +54,7 @@ def setting(key):
'webBindAddress': os.getenv('ANKICONNECT_BIND_ADDRESS', '127.0.0.1'),
'webBindPort': 8765,
'webCorsOrigin': os.getenv('ANKICONNECT_CORS_ORIGIN', 'http://localhost'),
'webCorsOriginList': ['http://localhost'],
'webTimeout': 10000,
}

View File

@ -154,13 +154,19 @@ class WebServer:
body = json.dumps(None).encode('utf-8')
# handle multiple cors origins by checking the 'origin'-header against the allowed origin list from the config
webCorsOriginsSetting = util.setting('webCorsOrigin')
corsOrigin = "http://localhost"
if len(webCorsOriginsSetting) == 1:
corsOrigin = webCorsOriginsSetting[0]
elif b"origin" in req.headers:
originStr = req.headers[b"origin"].decode()
if originStr in webCorsOriginsSetting:
webCorsOriginList = util.setting('webCorsOriginList')
# keep support for deprecated 'webCorsOrigin' field, as long it is not removed
webCorsOrigin = util.setting('webCorsOrigin')
if webCorsOrigin:
webCorsOriginList.append(webCorsOrigin)
corsOrigin = 'http://localhost'
if len(webCorsOriginList) == 1:
corsOrigin = webCorsOriginList[0]
elif b'origin' in req.headers:
originStr = req.headers[b'origin'].decode()
if originStr in webCorsOriginList:
corsOrigin = originStr
headers = [