From 0a8f8ace833b539e5f8bdc14b3e3a4b57e9cca1b Mon Sep 17 00:00:00 2001 From: maslow Date: Mon, 23 Oct 2023 21:52:46 +0800 Subject: [PATCH] fix(runtime): enable cors in runtime; disable cors in gateway ingress --- runtimes/nodejs/src/config.ts | 4 ++-- runtimes/nodejs/src/index.ts | 4 +--- runtimes/nodejs/src/storage-server.ts | 3 +++ .../src/gateway/ingress/bucket-ingress.service.ts | 12 ------------ .../src/gateway/ingress/runtime-ingress.service.ts | 14 +------------- .../src/gateway/ingress/website-ingress.service.ts | 2 -- 6 files changed, 7 insertions(+), 32 deletions(-) diff --git a/runtimes/nodejs/src/config.ts b/runtimes/nodejs/src/config.ts index 4da9d9b7cd..3991ffd15d 100644 --- a/runtimes/nodejs/src/config.ts +++ b/runtimes/nodejs/src/config.ts @@ -47,11 +47,11 @@ export default class Config { * the serving port, default is 8000 */ static get PORT(): number { - return (process.env.PORT ?? 8000) as number + return (process.env.__PORT ?? 8000) as number } static get STORAGE_PORT(): number { - return (process.env.STORAGE_PORT ?? 9000) as number + return (process.env.__STORAGE_PORT ?? 9000) as number } /** diff --git a/runtimes/nodejs/src/index.ts b/runtimes/nodejs/src/index.ts index 00ee8c6978..c179491120 100644 --- a/runtimes/nodejs/src/index.ts +++ b/runtimes/nodejs/src/index.ts @@ -28,9 +28,7 @@ DatabaseAgent.accessor.ready.then(() => { DatabaseChangeStream.initialize() }) -if (process.env.NODE_ENV === 'development') { - app.use(cors()) -} +app.use(cors()) app.use(express.json({ limit: Config.REQUEST_LIMIT_SIZE }) as any) app.use( diff --git a/runtimes/nodejs/src/storage-server.ts b/runtimes/nodejs/src/storage-server.ts index a4446ca590..f80fc81a9b 100644 --- a/runtimes/nodejs/src/storage-server.ts +++ b/runtimes/nodejs/src/storage-server.ts @@ -5,9 +5,12 @@ import './support/cloud-sdk' import { WebsiteHostingChangeStream } from './support/database-change-stream/website-hosting-change-stream' import proxy from 'express-http-proxy' import axios from 'axios' +import cors from 'cors' const app = express() +app.use(cors()) + const tryPath = (bucket: string, path: string) => { const testPaths = path.endsWith('/') ? [path + 'index.html', '/index.html'] diff --git a/server/src/gateway/ingress/bucket-ingress.service.ts b/server/src/gateway/ingress/bucket-ingress.service.ts index b9ff4a79d4..338774fb90 100644 --- a/server/src/gateway/ingress/bucket-ingress.service.ts +++ b/server/src/gateway/ingress/bucket-ingress.service.ts @@ -67,23 +67,11 @@ export class BucketGatewayService { 'laf.dev/bucket.name': domain.bucketName, 'laf.dev/ingress.type': 'bucket', // apisix ingress annotations - 'k8s.apisix.apache.org/enable-cors': 'true', - 'k8s.apisix.apache.org/cors-allow-credential': 'false', - 'k8s.apisix.apache.org/cors-allow-headers': '*', - 'k8s.apisix.apache.org/cors-allow-methods': '*', - 'k8s.apisix.apache.org/cors-allow-origin': '*', 'k8s.apisix.apache.org/cors-expose-headers': '*', 'k8s.apisix.apache.org/svc-namespace': namespace, // k8s nginx ingress annotations // websocket is enabled by default in k8s nginx ingress - 'nginx.ingress.kubernetes.io/enable-cors': 'true', - 'nginx.ingress.kubernetes.io/cors-allow-credentials': 'false', - 'nginx.ingress.kubernetes.io/cors-allow-methods': '*', - 'nginx.ingress.kubernetes.io/cors-allow-headers': - 'DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,x-laf-develop-token,x-laf-func-data,x-amz-content-sha256,x-amz-security-token,x-amz-user-agent,x-amz-date,content-md5', - 'nginx.ingress.kubernetes.io/cors-expose-headers': '*', - 'nginx.ingress.kubernetes.io/cors-allow-origin': '*', 'nginx.ingress.kubernetes.io/proxy-body-size': '0', }, }, diff --git a/server/src/gateway/ingress/runtime-ingress.service.ts b/server/src/gateway/ingress/runtime-ingress.service.ts index 7d03de51dc..62c1a36bf0 100644 --- a/server/src/gateway/ingress/runtime-ingress.service.ts +++ b/server/src/gateway/ingress/runtime-ingress.service.ts @@ -82,23 +82,11 @@ export class RuntimeGatewayService { 'laf.dev/ingress.type': 'runtime', // apisix ingress annotations 'k8s.apisix.apache.org/enable-websocket': 'true', - 'k8s.apisix.apache.org/enable-cors': 'true', - 'k8s.apisix.apache.org/cors-allow-credential': 'false', - 'k8s.apisix.apache.org/cors-allow-headers': '*', - 'k8s.apisix.apache.org/cors-allow-methods': '*', - 'k8s.apisix.apache.org/cors-allow-origin': '*', - 'k8s.apisix.apache.org/cors-expose-headers': '*', 'k8s.apisix.apache.org/svc-namespace': namespace, // k8s nginx ingress annotations // websocket is enabled by default in k8s nginx ingress - 'nginx.ingress.kubernetes.io/enable-cors': 'true', - 'nginx.ingress.kubernetes.io/cors-allow-credentials': 'false', - 'nginx.ingress.kubernetes.io/cors-allow-methods': '*', - 'nginx.ingress.kubernetes.io/cors-allow-headers': - 'DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,x-laf-develop-token,x-laf-func-data', - 'nginx.ingress.kubernetes.io/cors-expose-headers': '*', - 'nginx.ingress.kubernetes.io/cors-allow-origin': '*', + 'nginx.ingress.kubernetes.io/proxy-body-size': '0', 'nginx.ingress.kubernetes.io/server-snippet': 'client_header_buffer_size 4096k;\nlarge_client_header_buffers 8 512k;\n', }, diff --git a/server/src/gateway/ingress/website-ingress.service.ts b/server/src/gateway/ingress/website-ingress.service.ts index 9497e1a877..25c518064c 100644 --- a/server/src/gateway/ingress/website-ingress.service.ts +++ b/server/src/gateway/ingress/website-ingress.service.ts @@ -73,11 +73,9 @@ export class WebsiteHostingGatewayService { 'laf.dev/bucket.name': website.bucketName, 'laf.dev/ingress.type': 'website', // apisix ingress annotations - 'k8s.apisix.apache.org/enable-cors': 'true', 'k8s.apisix.apache.org/svc-namespace': namespace, // k8s nginx ingress annotations - 'nginx.ingress.kubernetes.io/enable-cors': 'true', }, }, spec: { ingressClassName, rules: [rule], tls },