diff options
| author | Dan Prince <dprince@redhat.com> | 2015-11-19 18:07:35 -0500 |
|---|---|---|
| committer | Dan Prince <dprince@redhat.com> | 2015-11-21 13:23:13 -0500 |
| commit | ba7c9eb70682d6c131a4525b19a3fbbd6f4067b8 (patch) | |
| tree | 79de95c98864d34957972ea320e71f211f0bc59e | |
| parent | 3eeaf4a0312eb613a211ff89e4d3a168aa3546d8 (diff) | |
| download | oslo-middleware-ba7c9eb70682d6c131a4525b19a3fbbd6f4067b8.tar.gz | |
Move cors allowed_origin check into add_origin3.0.0
This fixes an issue caused by c4957606cb290a639a4a02fbf648044242c5c207
where the add_origin method would fail if allowed_origin was
set to None. This could occur (even if oslo_config_project was
also set) if the projects config file contained its own
[cors] section anyway.
By moving the 'if allowed_origin:' check into add_origin
we ensure the function handles the default value if it
ever gets called.
Change-Id: I643e7a50e62564741fda784846bbdf3eb2bcc715
Closes-bug: #1518112
| -rw-r--r-- | oslo_middleware/cors.py | 42 | ||||
| -rw-r--r-- | oslo_middleware/tests/test_cors.py | 10 |
2 files changed, 31 insertions, 21 deletions
diff --git a/oslo_middleware/cors.py b/oslo_middleware/cors.py index b91fabd..59451b2 100644 --- a/oslo_middleware/cors.py +++ b/oslo_middleware/cors.py @@ -152,13 +152,12 @@ class CORS(base.ConfigurableMiddleware): # If the default configuration contains an allowed_origin, don't # forget to register that. - if allowed_origin: - self.add_origin(allowed_origin=allowed_origin, - allow_credentials=allow_credentials, - expose_headers=expose_headers, - max_age=max_age, - allow_methods=allow_methods, - allow_headers=allow_headers) + self.add_origin(allowed_origin=allowed_origin, + allow_credentials=allow_credentials, + expose_headers=expose_headers, + max_age=max_age, + allow_methods=allow_methods, + allow_headers=allow_headers) # Iterate through all the loaded config sections, looking for ones # prefixed with 'cors.' @@ -187,20 +186,21 @@ class CORS(base.ConfigurableMiddleware): if isinstance(allowed_origin, six.string_types): allowed_origin = [allowed_origin] - for origin in allowed_origin: - - if origin in self.allowed_origins: - LOG.warn('Allowed origin [%s] already exists, skipping' % ( - allowed_origin,)) - continue - - self.allowed_origins[origin] = { - 'allow_credentials': allow_credentials, - 'expose_headers': expose_headers, - 'max_age': max_age, - 'allow_methods': allow_methods, - 'allow_headers': allow_headers - } + if allowed_origin: + for origin in allowed_origin: + + if origin in self.allowed_origins: + LOG.warn('Allowed origin [%s] already exists, skipping' % ( + allowed_origin,)) + continue + + self.allowed_origins[origin] = { + 'allow_credentials': allow_credentials, + 'expose_headers': expose_headers, + 'max_age': max_age, + 'allow_methods': allow_methods, + 'allow_headers': allow_headers + } def set_latent(self, allow_headers=None, allow_methods=None, expose_headers=None): diff --git a/oslo_middleware/tests/test_cors.py b/oslo_middleware/tests/test_cors.py index e47c5d8..de91c34 100644 --- a/oslo_middleware/tests/test_cors.py +++ b/oslo_middleware/tests/test_cors.py @@ -164,6 +164,16 @@ class CORSTestFilterFactory(test_base.BaseTestCase): '''Assert that a filter factory with oslo_config_project succeed.''' cors.filter_factory(global_conf=None, oslo_config_project='foobar') + def test_cor_config_sections_with_defaults(self): + '''Assert cors.* config sections with default values work.''' + + # Set up the config fixture. + config = self.useFixture(fixture.Config(cfg.CONF)) + config.load_raw_values(group='cors.subdomain') + + # Now that the config is set up, create our application. + self.application = cors.CORS(test_application, cfg.CONF) + def test_factory_latent_properties(self): '''Assert latent properties in paste.ini config. |