mirror of
https://github.com/googleforgames/open-match.git
synced 2025-03-29 22:44:20 +00:00
Set CORS policy on open-match.dev (#373)
This commit is contained in:
Jeremy Edwards
GitHub
3
Makefile
3
Makefile
@ -658,6 +658,9 @@ ifeq ($(_GCB_POST_SUBMIT),1)
|
||||
ifeq ($(MAJOR_MINOR_VERSION),$(_GCB_LATEST_VERSION))
|
||||
sed -i 's/service:.*/service: default/g' $(BUILD_DIR)/site/.app.yaml
|
||||
(cd $(BUILD_DIR)/site && gcloud $(OM_SITE_GCP_PROJECT_FLAG) app deploy .app.yaml --promote --version=$(GAE_SITE_VERSION) --verbosity=info)
|
||||
# Set CORS policy on GCS bucket so that Swagger UI will work against it.
|
||||
# This only needs to be set once but in the interest of enforcing a consistency we'll apply this every deployment.
|
||||
gsutil cors set $(REPOSITORY_ROOT)/site/gcs-cors.json gs://open-match-chart/
|
||||
endif
|
||||
else
|
||||
@echo "Not deploying $(GAE_SERVICE_NAME).open-match.dev because this is not a post commit change."
|
||||
|
||||
19
site/gcs-cors.json
Normal file
19
site/gcs-cors.json
Normal file
@ -0,0 +1,19 @@
|
||||
[
|
||||
{
|
||||
"maxAgeSeconds": 3600,
|
||||
"method": [
|
||||
"GET",
|
||||
"POST",
|
||||
"PUT",
|
||||
"PATCH",
|
||||
"HEAD",
|
||||
"DELETE"
|
||||
],
|
||||
"origin": [
|
||||
"*"
|
||||
],
|
||||
"responseHeader": [
|
||||
"Content-Type"
|
||||
]
|
||||
}
|
||||
]
|
||||
@ -146,16 +146,19 @@ func (h *handler) serveIndex(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
func (h *handler) serveChart(w http.ResponseWriter, r *http.Request, path string) {
|
||||
root := "https://storage.googleapis.com/open-match-chart/chart"
|
||||
h.withCors(w)
|
||||
http.Redirect(w, r, root+path, http.StatusTemporaryRedirect)
|
||||
}
|
||||
|
||||
func (h *handler) serveInstallYaml(w http.ResponseWriter, r *http.Request, path string) {
|
||||
root := "https://storage.googleapis.com/open-match-chart/install"
|
||||
h.withCors(w)
|
||||
http.Redirect(w, r, root+path, http.StatusTemporaryRedirect)
|
||||
}
|
||||
|
||||
func (h *handler) serveSwaggerAPI(w http.ResponseWriter, r *http.Request, path string) {
|
||||
root := "https://storage.googleapis.com/open-match-chart/api"
|
||||
h.withCors(w)
|
||||
http.Redirect(w, r, root+path, http.StatusTemporaryRedirect)
|
||||
}
|
||||
|
||||
@ -167,6 +170,14 @@ func (h *handler) Host(r *http.Request) string {
|
||||
return host
|
||||
}
|
||||
|
||||
// withCors adds CORS headers to responses to tell the browser it's ok to read data from this URI if the source does not match the base URI.
|
||||
// This is ok because we are not serving executable code (javascript) from these locations, only configuration.
|
||||
func (h *handler) withCors(w http.ResponseWriter) {
|
||||
w.Header().Set("Access-Control-Allow-Origin", "*")
|
||||
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
|
||||
w.Header().Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
|
||||
}
|
||||
|
||||
var vanityTmpl = template.Must(template.New("vanity").Parse(`<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
|
||||
@ -158,16 +158,19 @@ func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
func (h *handler) serveChart(w http.ResponseWriter, r *http.Request, path string) {
|
||||
root := "https://storage.googleapis.com/open-match-chart/chart"
|
||||
h.withCors(w)
|
||||
http.Redirect(w, r, root+path, http.StatusTemporaryRedirect)
|
||||
}
|
||||
|
||||
func (h *handler) serveInstallYaml(w http.ResponseWriter, r *http.Request, path string) {
|
||||
root := "https://storage.googleapis.com/open-match-chart/install"
|
||||
h.withCors(w)
|
||||
http.Redirect(w, r, root+path, http.StatusTemporaryRedirect)
|
||||
}
|
||||
|
||||
func (h *handler) serveSwaggerAPI(w http.ResponseWriter, r *http.Request, path string) {
|
||||
root := "https://storage.googleapis.com/open-match-chart/api"
|
||||
h.withCors(w)
|
||||
http.Redirect(w, r, root+path, http.StatusTemporaryRedirect)
|
||||
}
|
||||
|
||||
@ -175,6 +178,14 @@ func (h *handler) serveIndex(w http.ResponseWriter, r *http.Request) {
|
||||
http.Redirect(w, r, "https://open-match.dev/open-match/", http.StatusTemporaryRedirect)
|
||||
}
|
||||
|
||||
// withCors adds CORS headers to responses to tell the browser it's ok to read data from this URI if the source does not match the base URI.
|
||||
// This is ok because we are not serving executable code (javascript) from these locations, only configuration.
|
||||
func (h *handler) withCors(w http.ResponseWriter) {
|
||||
w.Header().Set("Access-Control-Allow-Origin", "*")
|
||||
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
|
||||
w.Header().Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
|
||||
}
|
||||
|
||||
func (h *handler) Host(r *http.Request) string {
|
||||
host := h.host
|
||||
if host == "" {
|
||||
|
||||
Reference in New Issue
Block a user