fix cors (#7433)

* fix: cors is not working

* chore: upgrade mockery
diff --git a/backend/Makefile b/backend/Makefile
index 34ae768..21106ed 100644
--- a/backend/Makefile
+++ b/backend/Makefile
@@ -27,7 +27,7 @@
 all: build
 
 go-dep:
-	go install github.com/vektra/mockery/v2@v2.20.0
+	go install github.com/vektra/mockery/v2@2.43.0
 	go install github.com/swaggo/swag/cmd/swag@v1.16.1
 	go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.53.3
 
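Review bot: The new pin `@2.43.0` drops the `v` prefix that the old pin and the two neighbouring `go install` lines carry. Go module version queries are matched against `v`-prefixed semver tags, so a bare `2.43.0` is likely to be looked up as a branch or revision name, and the `go-dep` target would then fail or resolve to something other than the intended release. Write it as `go install github.com/vektra/mockery/v2@v2.43.0` so the tool version stays an exact, reproducible pin.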
diff --git a/backend/core/config/config_viper.go b/backend/core/config/config_viper.go
index ea5ed6d..16060c4 100644
--- a/backend/core/config/config_viper.go
+++ b/backend/core/config/config_viper.go
@@ -105,6 +105,7 @@
 	v.SetDefault("REMOTE_PLUGIN_DIR", "python/plugins")
 	v.SetDefault("SWAGGER_DOCS_DIR", "resources/swagger")
 	v.SetDefault("RESUME_PIPELINES", true)
+	v.SetDefault("CORS_ALLOW_ORIGIN", "*")
 }
 
 func init() {
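Review bot: The added `v.SetDefault("CORS_ALLOW_ORIGIN", "*")` leaves every deployment that does not set the key open to cross-origin reads from any web origin, and nothing next to the default says so. With `AllowCredentials` now false, cookies are not sent, but any endpoint reachable without credentials (for example on an internal network) would still be readable by a page on any origin; whether such endpoints exist is not visible in this diff. I would add a comment above the line such as `// CORS_ALLOW_ORIGIN lists the origins allowed to call the API from a browser; "*" allows any origin, so set explicit origins in production.` The reader in api.go uses `GetStringSlice`, which appears to split a plain string value on whitespace rather than commas, so the expected separator is worth confirming and stating in the same comment. The enclosing function starts above this hunk.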
diff --git a/backend/server/api/api.go b/backend/server/api/api.go
index 50f5ceb..fd65962 100644
--- a/backend/server/api/api.go
+++ b/backend/server/api/api.go
@@ -77,6 +77,23 @@
 	// Create router
 	router := gin.Default()
 
+	// Enable CORS
+	cfg := basicRes.GetConfigReader()
+	router.Use(cors.New(cors.Config{
+		// Allow all origins
+		AllowOrigins: cfg.GetStringSlice("CORS_ALLOW_ORIGIN"),
+		// Allow common methods
+		AllowMethods: []string{"PUT", "PATCH", "POST", "GET", "OPTIONS"},
+		// Allow common headers
+		AllowHeaders: []string{"Origin", "Content-Type"},
+		// Expose these headers
+		ExposeHeaders: []string{"Content-Length"},
+		// Allow credentials
+		AllowCredentials: false,
+		// Cache for 2 hours
+		MaxAge: 120 * time.Hour,
+	}))
+
 	// For both protected and unprotected routes
 	router.GET("/ping", ping.Get)
 	router.GET("/ready", ping.Ready)
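Review bot: Two comments carried over with the moved CORS block no longer describe the values under them. `// Allow all origins` now sits above a list read from configuration and should read something like `// Allowed origins come from CORS_ALLOW_ORIGIN (default "*")`. `// Cache for 2 hours` sits above `MaxAge: 120 * time.Hour`, which is five days; if two hours is the intent, the line should be `MaxAge: 2 * time.Hour,`, and otherwise the comment should state the real duration, since a long preflight cache delays the effect of any later tightening of the policy. `// Allow credentials` above `AllowCredentials: false` has the same problem and could become `// Do not allow credentialed cross-origin requests`. The enclosing function begins and ends outside this hunk.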
@@ -138,23 +155,6 @@
 	gin.DebugPrintRouteFunc = func(httpMethod, absolutePath, handlerName string, nuHandlers int) {
 		logruslog.Global.Printf("endpoint %v %v %v %v", httpMethod, absolutePath, handlerName, nuHandlers)
 	}
-
-	// Enable CORS
-	router.Use(cors.New(cors.Config{
-		// Allow all origins
-		AllowOrigins: []string{"*"},
-		// Allow common methods
-		AllowMethods: []string{"PUT", "PATCH", "POST", "GET", "OPTIONS"},
-		// Allow common headers
-		AllowHeaders: []string{"Origin", "Content-Type"},
-		// Expose these headers
-		ExposeHeaders: []string{"Content-Length"},
-		// Allow credentials
-		AllowCredentials: true,
-		// Cache for 2 hours
-		MaxAge: 120 * time.Hour,
-	}))
-
 	// Register API endpoints
 	RegisterRouter(router, basicRes)
 }