Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configuration with no allowed origin sets allow credentials to true #13

Closed
blcham opened this issue Nov 22, 2023 · 0 comments · Fixed by #14
Closed

Configuration with no allowed origin sets allow credentials to true #13

blcham opened this issue Nov 22, 2023 · 0 comments · Fixed by #14

Comments

@blcham
Copy link

blcham commented Nov 22, 2023
edited
Loading

This happens as the following if section is always executed:

        allowedOrigins.addAll(Arrays.asList(allowedOriginsConfig.split(",")));
        if (!allowedOrigins.isEmpty()) {
            corsConfig.setAllowedOrigins(allowedOrigins);
            corsConfig.setAllowCredentials(true);
        }

After the execution, the allowedOrigin list always contains at least one element. If allowedOriginsConfig == ""
then at least an empty string (i.e.,"").
blcham added a commit that referenced this issue Nov 22, 2023
@blcham
[#13] Throw error when allowed origins are not configured
f893d77
@blcham blcham mentioned this issue Nov 22, 2023
Merged
blcham added a commit that referenced this issue Nov 22, 2023
@blcham
[#13] Throw error when allowed origins are not configured
c653f33
@blcham blcham mentioned this issue Nov 23, 2023
Closed
blcham added a commit that referenced this issue Nov 28, 2023
@blcham
[#13] Throw error when allowed origins are not configured
90b2a2e
blcham added a commit that referenced this issue Nov 28, 2023
@blcham
[#13] Empty origins should not result in *
57b4dac
blcham added a commit that referenced this issue Nov 28, 2023
@blcham
Merge pull request #14 from kbss-cvut/fix-case-when-allowed-origins-a…
931410c 
…re-not-configured

[#13] Throw error when allowed origins are not configured
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[#13] Throw error when allowed origins are not configured kbss-cvut/record-manager
1 participant
@blcham