Remove enabled option for CORS

By default, CORS middleware can allow requests from any origin. So it's not
necessary to use the 'enabled' option.

Closes-bug: #1677049
Co-Authored-By: wangxiyuan<wangxiyuan@huawei.com>
Change-Id: Id80e17466400937bba9fbb4aa2a2b65de9d62252
This commit is contained in:
Fei Long Wang 2017-03-29 11:06:25 +13:00 committed by wangxiyuan
parent e501f4013e
commit 4cdee047f7
7 changed files with 58 additions and 33 deletions

View File

@ -111,11 +111,6 @@ function configure_zaqar {
iniset $ZAQAR_CONF DEFAULT pooling True iniset $ZAQAR_CONF DEFAULT pooling True
iniset $ZAQAR_CONF 'pooling:catalog' enable_virtual_pool True iniset $ZAQAR_CONF 'pooling:catalog' enable_virtual_pool True
if [ "CORS_ENABLED" == 'true'] ; then
iniset $ZAQAR_CONF cors
iniset $ZAQAR_CONF 'cors' enabled True
fi
# NOTE(flaper87): Configure mongodb regardless so we can use it as a pool # NOTE(flaper87): Configure mongodb regardless so we can use it as a pool
# in tests. # in tests.
configure_mongodb configure_mongodb

View File

@ -45,7 +45,4 @@ ZAQAR_TRUSTEE_DOMAIN=${ZAQAR_TRUSTEE_DOMAIN:-default}
# Tell Tempest this project is present # Tell Tempest this project is present
TEMPEST_SERVICES+=,zaqar TEMPEST_SERVICES+=,zaqar
# CORS
CORS_ENABLED=${CORS_ENABLED:-false}
enable_service zaqar-websocket zaqar-wsgi enable_service zaqar-websocket zaqar-wsgi

View File

@ -25,11 +25,6 @@ New Config Options
There are some new config options. There are some new config options.
**enabled**
Enables CORS functions for Zaqar. The default value is "False" at this moment.
It will be turn to "True" in the future once it's stable enough.
**allowed_origin** **allowed_origin**
Indicate whether this resource may be shared with the domain received in the Indicate whether this resource may be shared with the domain received in the

View File

@ -1,4 +1,3 @@
--- ---
features: features:
- Zaqar now supports Cross-Origin Resource Sharing (CORS). It turns off by - Zaqar now supports Cross-Origin Resource Sharing (CORS).
default. Use "enable=True" in [cors] section from zaqar.conf to use it.

View File

@ -118,19 +118,9 @@ _PROFILER_OPTIONS = [
_PROFILER_GROUP = "profiler" _PROFILER_GROUP = "profiler"
_CORS_OPTIONS = [
cfg.BoolOpt("enabled", default=False,
help="Whether enable Cross Origin Resource Sharing(CORS) "
"function from oslo.middleware"),
]
_CORS_GROUP = "cors"
def _config_options(): def _config_options():
return [(None, _GENERAL_OPTIONS), return [(None, _GENERAL_OPTIONS),
(_DRIVER_GROUP, _DRIVER_OPTIONS), (_DRIVER_GROUP, _DRIVER_OPTIONS),
(_SIGNED_URL_GROUP, _SIGNED_URL_OPTIONS), (_SIGNED_URL_GROUP, _SIGNED_URL_OPTIONS),
(_NOTIFICATION_GROUP, _NOTIFICATION_OPTIONS), (_NOTIFICATION_GROUP, _NOTIFICATION_OPTIONS),
(_PROFILER_GROUP, _PROFILER_OPTIONS), (_PROFILER_GROUP, _PROFILER_OPTIONS)]
(_CORS_GROUP, _CORS_OPTIONS)]

View File

@ -12,6 +12,8 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import six.moves.urllib.parse as urlparse
import webob
from oslo_log import log from oslo_log import log
from oslo_middleware import cors from oslo_middleware import cors
@ -19,10 +21,59 @@ from oslo_middleware import cors
LOG = log.getLogger(__name__) LOG = log.getLogger(__name__)
class Response(webob.Response):
def __call__(self, environ, start_response):
"""WSGI application interface"""
if self.conditional_response:
return self.conditional_response_app(environ, start_response)
headerlist = self._abs_headerlist(environ)
start_response(self.status, headerlist)
if environ['REQUEST_METHOD'] == 'HEAD':
# Special case here...
# NOTE(wangxiyuan): webob.response.Response always return
# EmptyResponse here. This behavior breaks backward-compatibility.
# so we need to 'fix' it here manually.
return []
return self._app_iter
def _abs_headerlist(self, *args, **kwargs):
headerlist = super(Response, self)._abs_headerlist(*args, **kwargs)
# NOTE(wangxiyuan): webob.response.Response always convert relative
# path to absolute path given the request environ on location field in
# the header of response. This behavior breaks backward-compatibility.
# so we need to 'fix' it here manually.
for i, (name, value) in enumerate(headerlist):
if name.lower() == 'location':
loc = urlparse.urlparse(value)
relative_path = value[value.index(loc.path):]
headerlist[i] = (name, relative_path)
break
return headerlist
class Request(webob.Request):
ResponseClass = Response
class CORSMiddleware(object): class CORSMiddleware(object):
def __init__(self, app, auth_app, conf):
self._app = cors.CORS(app, conf)
# We don't auth here. It's just used for keeping consistence.
self._auth_app = auth_app
@webob.dec.wsgify(RequestClass=Request)
def __call__(self, request):
return self._app(request)
@classmethod @classmethod
def install(cls, app, conf): def install(cls, app, auth_app, conf):
LOG.debug(u'Installing CORS middleware.') LOG.debug(u'Installing CORS middleware.')
cors.set_defaults( cors.set_defaults(
@ -47,9 +98,8 @@ class CORSMiddleware(object):
'PATCH', 'PATCH',
'HEAD'] 'HEAD']
) )
return CORSMiddleware(app, auth_app, conf)
return cors.CORS(app, conf)
def install_cors(app, conf): def install_cors(app, auth_app, conf):
return CORSMiddleware.install(app, conf) return CORSMiddleware.install(app, auth_app, conf)

View File

@ -156,8 +156,7 @@ class Driver(transport.DriverBase):
# NOTE(wangxiyuan): Install CORS, this middleware should be called # NOTE(wangxiyuan): Install CORS, this middleware should be called
# before Keystone auth. # before Keystone auth.
if self._conf.cors.enabled: self.app = cors.install_cors(self.app, auth_app, self._conf)
self.app = cors.install_cors(self.app, self._conf)
acl.setup_policy(self._conf) acl.setup_policy(self._conf)