Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in / Register
  • O OS Core Lib Azure
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 9
    • Issues 9
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 9
    • Merge requests 9
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Container Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • Open Subsurface Data Universe SoftwareOpen Subsurface Data Universe Software
  • Platform
  • System
  • Lib
  • cloud
  • azure
  • OS Core Lib Azure
  • Merge requests
  • !252

CORS | Send back null headers from all services so that istio CORS policy honored

  • Review changes

  • Download
  • Email patches
  • Plain diff
Closed Srishti Sharma requested to merge srsharmaCORS1 into master Oct 26, 2022
  • Overview 0
  • Commits 1
  • Pipelines 2
  • Changes 1

All Submissions:


  • [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
  • [YES/NO] I have updated the documentation accordingly.
  • [YES/NO/NA] I have added tests to cover my changes.
  • [YES/NO/NA] All new and existing tests passed.
  • [YES/NO/NA] My code follows the code style of this project.
  • [YES/NO/NA] I ran lint checks locally prior to submission.

What is the issue or story related to the change?


  • Feature: Implement CORS
  • We update CORS policy in istio
  • Currently all services send back hardcoded response headers due to which istio's CORS is not implemented.
  • Created a new class in core-lib-azure which implements Filter. It sends back null headers from all services so that istio CORS policy honored.

Response: 403 - CORS Error for different origin - Expected image

Console: Access to XMLHttpRequest at 'https://mstest3338.oep.ppe.azure-int.net/api/file/v2/files/uploadURL' from origin 'https://www.test-cors.org' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Response: 200 response for valid origin – Expected Result **Updated istio CORS to allow origin https://www.test-cors.org image

Edited Oct 26, 2022 by Srishti Sharma
Assignee
Assign to
Reviewers
Request review from
Time tracking
Source branch: srsharmaCORS1