Merge pull request #605 from ecarjat/master
Add SPOOLMAN_CORS_ORIGIN variable
This commit is contained in:
@@ -72,3 +72,11 @@ SPOOLMAN_PORT=7912
|
|||||||
# Default if not set: 1000
|
# Default if not set: 1000
|
||||||
#PUID=1000
|
#PUID=1000
|
||||||
#PGID=1000
|
#PGID=1000
|
||||||
|
|
||||||
|
# Allows CORS ORIGIN.
|
||||||
|
# Use the https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Access-Control-Allow-Origin semantics
|
||||||
|
# separated by commas
|
||||||
|
# for example to allow request from source1.domain.com on port p1 and source2.domain.com on port p2
|
||||||
|
# SPOOLMAN_CORS_ORIGIN=source1.domain.com:p1, source2.domain.com:p2
|
||||||
|
# to allow from any
|
||||||
|
# SPOOLMAN_CORS_ORIGIN=*
|
||||||
|
|||||||
@@ -210,6 +210,35 @@ def is_debug_mode() -> bool:
|
|||||||
return True
|
return True
|
||||||
raise ValueError(f"Failed to parse SPOOLMAN_DEBUG_MODE variable: Unknown debug mode '{debug_mode}'.")
|
raise ValueError(f"Failed to parse SPOOLMAN_DEBUG_MODE variable: Unknown debug mode '{debug_mode}'.")
|
||||||
|
|
||||||
|
def is_cors_defined() -> bool:
|
||||||
|
"""Get whether CORS is enabled from environment variables.
|
||||||
|
|
||||||
|
Returns False if no environment variable was set for CORS.
|
||||||
|
Returns True otherwise
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
bool: Whether CORS is enabled.
|
||||||
|
|
||||||
|
"""
|
||||||
|
cors = os.getenv("SPOOLMAN_CORS_ORIGIN", "FALSE").upper()
|
||||||
|
if cors in {"FALSE", "0"}:
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
return True
|
||||||
|
|
||||||
|
def get_cors_origin() -> Optional[list[str]]:
|
||||||
|
"""Get the CORS origin from environment variables.
|
||||||
|
|
||||||
|
Returns None if no environment variable was set for the origin.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Optional[str]: The origin.
|
||||||
|
|
||||||
|
"""
|
||||||
|
cors = os.getenv("SPOOLMAN_CORS_ORIGIN")
|
||||||
|
if cors is None:
|
||||||
|
return None
|
||||||
|
return cors.split(",")
|
||||||
|
|
||||||
def is_automatic_backup_enabled() -> bool:
|
def is_automatic_backup_enabled() -> bool:
|
||||||
"""Get whether automatic backup is enabled from environment variables.
|
"""Get whether automatic backup is enabled from environment variables.
|
||||||
|
|||||||
@@ -104,12 +104,16 @@ window.SPOOLMAN_BASE_PATH = "{base_path}";
|
|||||||
app.mount(base_path, app=SinglePageApplication(directory="client/dist", base_path=env.get_base_path()))
|
app.mount(base_path, app=SinglePageApplication(directory="client/dist", base_path=env.get_base_path()))
|
||||||
|
|
||||||
# Allow all origins if in debug mode
|
# Allow all origins if in debug mode
|
||||||
if env.is_debug_mode():
|
if env.is_debug_mode() or env.is_cors_defined():
|
||||||
logger.warning("Running in debug mode, allowing all origins.")
|
if(env.is_cors_defined()):
|
||||||
|
origins = env.get_cors_origin()
|
||||||
|
else:
|
||||||
|
origins = ["*"]
|
||||||
|
logger.warning("Running in debug mode, allowing all origins.")
|
||||||
|
|
||||||
app.add_middleware(
|
app.add_middleware(
|
||||||
CORSMiddleware,
|
CORSMiddleware,
|
||||||
allow_origins=["*"],
|
allow_origins=origins,
|
||||||
allow_credentials=True,
|
allow_credentials=True,
|
||||||
allow_methods=["*"],
|
allow_methods=["*"],
|
||||||
allow_headers=["*"],
|
allow_headers=["*"],
|
||||||
|
|||||||
Reference in New Issue
Block a user