You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/06/15 08:06:17 UTC

[GitHub] [apisix] aiyiyi121 opened a new issue, #7255: help request: Questions about code of CORS plugin

aiyiyi121 opened a new issue, #7255:
URL: https://github.com/apache/apisix/issues/7255

   ### Description
   
   ```
   if conf.allow_headers == "**" then
       core.response.set_header("Access-Control-Allow-Headers",
           core.request.header(ctx, "Access-Control-Request-Headers"))
   else
       core.response.set_header("Access-Control-Allow-Headers", conf.allow_headers)
   end
   ```
   
   I'm confused，why set the response header `Access-Control-Allow-Headers` as `Access-Control-Request-Headers` when ’allow_headers‘  is ‘**’. If the value of `Access-Control-Request-Headers` is null, the value of `Access-Control-Allow-Headers` will be null too, and then leads to problems
   
   ### Environment
   
   - APISIX version (run `apisix version`): 2.10
   - Operating system (run `uname -a`):
   - OpenResty / Nginx version (run `openresty -V` or `nginx -V`):
   - etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`):
   - APISIX Dashboard version, if relevant:
   - Plugin runner version, for issues related to plugin runners:
   - LuaRocks version, for installation issues (run `luarocks --version`):
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] jwrookie commented on issue #7255: help request: Questions about code of CORS plugin

Posted by GitBox <gi...@apache.org>.

jwrookie commented on issue #7255:
URL: https://github.com/apache/apisix/issues/7255#issuecomment-1157257515

   Why do you need to set cors headers by upstream services when the cors plugin is already in use ?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] tzssangglass commented on issue #7255: help request: Questions about code of CORS plugin

Posted by GitBox <gi...@apache.org>.

tzssangglass commented on issue #7255:
URL: https://github.com/apache/apisix/issues/7255#issuecomment-1157341362

   > The upstream server has added the cors headers, we can't modify the upstream easily because it's very old.
   
   In this case I suggest you modify the plugin yourself to meet your needs.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] aiyiyi121 closed issue #7255: help request: Questions about code of CORS plugin

Posted by GitBox <gi...@apache.org>.

aiyiyi121 closed issue #7255: help request: Questions about code of CORS plugin
URL: https://github.com/apache/apisix/issues/7255


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] jwrookie commented on issue #7255: help request: Questions about code of CORS plugin

Posted by GitBox <gi...@apache.org>.

jwrookie commented on issue #7255:
URL: https://github.com/apache/apisix/issues/7255#issuecomment-1157301833

   I don't understand what you mean, can setting `allow_headers` solve your problem?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] aiyiyi121 commented on issue #7255: help request: Questions about code of CORS plugin

Posted by GitBox <gi...@apache.org>.

aiyiyi121 commented on issue #7255:
URL: https://github.com/apache/apisix/issues/7255#issuecomment-1157284954

   > Why do you need to set cors headers by upstream services when the cors plugin is already in use ?
   
   The upstream server has added the cors headers, we can't modify the upstream easily because it's very old. 
   I meet up  a problem, apisix will lost the cors header when I use `http` to request the `https` upstream server, so I attempt to add cors by apisix. but I find `Access-Control-Allow-Headers` will be set to null. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] aiyiyi121 commented on issue #7255: help request: Questions about code of CORS plugin

Posted by GitBox <gi...@apache.org>.

aiyiyi121 commented on issue #7255:
URL: https://github.com/apache/apisix/issues/7255#issuecomment-1157361761

   > > The upstream server has added the cors headers, we can't modify the upstream easily because it's very old.
   > 
   > In this case I suggest you modify the plugin yourself to meet your needs.
   
   ok, thanks. I have soloved the problem by http to https plugin. I am still confused about the code of cors plugin as described above， but that doesn't matter.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] aiyiyi121 commented on issue #7255: help request: Questions about code of CORS plugin

Posted by GitBox <gi...@apache.org>.

aiyiyi121 commented on issue #7255:
URL: https://github.com/apache/apisix/issues/7255#issuecomment-1157248846

   > > the value of `Access-Control-Allow-Headers` will be null too, and then leads to problems
   > 
   > Please give examples
   
   When the upstream server has added the cors response header, but there is no `Access-Control-Request-Headers`，apisix wiil set `Access-Control-Allow-Headers` to null


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [apisix] tzssangglass commented on issue #7255: help request: Questions about code of CORS plugin

Posted by GitBox <gi...@apache.org>.

tzssangglass commented on issue #7255:
URL: https://github.com/apache/apisix/issues/7255#issuecomment-1156678922

   > the value of `Access-Control-Allow-Headers` will be null too, and then leads to problems
   
   Please give examples


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org