tomasz.sowa/winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

add config options for testing the Origin header in cors requests

Browse Source 
- allow_all_cors_origins - whether or not to allow all origins
- allowed_cors_origins - a list of allowed origins (used if allow_all_cors_origins is false)
This commit is contained in:
Tomasz Sowa
2022-08-31 20:42:42 +02:00
parent 778ed01a55
commit a19158cb62
7 changed files with 117 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
winixd/core/config.h
View File

@@ -976,7 +976,17 @@ public:
// if the limit is reached then the http status 503 Service Unavailable is returned
size_t request_queue_job_limit;
// whether or not all origins are allowed in cors requests
// default: false;
// if false then we check allowed_cors_origins table to check whether the origin is available (origin is sent in Origin header),
// if allow_all_cors_origins is false and allowed_cors_origins is empty then by default we do not allow cors requests
// (but you can still allow it in your function/controller by overriding IsCorsOriginAvailable(...) method)
bool allow_all_cors_origins;
// list of allowed origins in cors requests
// used only if allow_all_cors_origins is false
// default: empty
std::vector<std::wstring> allowed_cors_origins;
Config();