Skip to content

Commit 1a2260a

Browse files
adameatadameat
authored
Merge 89a8741 into 0773155 
2 parents 0773155 + 89a8741 commit 1a2260a

File tree

2 files changed

+13
-33
lines changed

2 files changed

+13
-33
lines changed

ydb/core/mon/async_http_mon.cpp

+2-2
Original file line numberDiff line numberDiff line change
@@ -246,9 +246,9 @@ class THttpMonLegacyActorRequest : public TActorBootstrapped<THttpMonLegacyActor
246246
response << "HTTP/1.1 204 No Content\r\n"
247247
"Access-Control-Allow-Origin: " << origin << "\r\n"
248248
"Access-Control-Allow-Credentials: true\r\n"
249-
"Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept\r\n"
249+
"Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept,X-Trace-Verbosity,X-Want-Trace\r\n"
250250
"Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE\r\n"
251-
"Content-Type: " + type + "\r\n"
251+
"Content-Type: " << type << "\r\n"
252252
"Connection: keep-alive\r\n\r\n";
253253
ReplyWith(request->CreateResponseString(response));
254254
PassAway();

ydb/core/viewer/viewer.cpp

+11-31
Original file line numberDiff line numberDiff line change
@@ -475,36 +475,12 @@ class TViewer : public TActorBootstrapped<TViewer>, public IViewer {
475475
if (type.empty()) {
476476
type = "application/json";
477477
}
478-
if (AllowOrigin) {
479-
ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes(
480-
"HTTP/1.1 204 No Content\r\n"
481-
"Access-Control-Allow-Origin: " + AllowOrigin + "\r\n"
482-
"Access-Control-Allow-Credentials: true\r\n"
483-
"Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept,X-Trace-Verbosity,X-Want-Trace\r\n"
484-
"Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n"
485-
"Allow: OPTIONS, GET, POST\r\n"
486-
"Content-Type: " + type + "\r\n"
487-
"Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom));
488-
} else {
489-
TString origin = TString(msg->Request.GetHeader("Origin"));
490-
if (!origin.empty()) {
491-
ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes(
492-
"HTTP/1.1 204 No Content\r\n"
493-
"Access-Control-Allow-Origin: " + origin + "\r\n"
494-
"Access-Control-Allow-Credentials: true\r\n"
495-
"Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept,X-Trace-Verbosity,X-Want-Trace\r\n"
496-
"Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n"
497-
"Allow: OPTIONS, GET, POST\r\n"
498-
"Content-Type: " + type + "\r\n"
499-
"Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom));
500-
} else {
501-
ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes(
502-
"HTTP/1.1 204 No Content\r\n"
503-
"Allow: OPTIONS, GET, POST\r\n"
504-
"Content-Type: " + type + "\r\n"
505-
"Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom));
506-
}
507-
}
478+
TStringBuilder response;
479+
response << "HTTP/1.1 204 No Content\r\n";
480+
FillCORS(response, msg);
481+
response << "Content-Type: " + type + "\r\n"
482+
"Connection: Keep-Alive\r\n\r\n";
483+
Send(ev->Sender, new NMon::TEvHttpInfoRes(response, 0, NMon::IEvHttpInfoRes::EContentType::Custom));
508484
return;
509485
}
510486
TString path("/" + msg->Request.GetPage()->Path + msg->Request.GetPathInfo());
@@ -608,11 +584,15 @@ void TViewer::FillCORS(TStringBuilder& stream, const TRequestState& request) {
608584
} else if (request && request->Request.GetHeaders().HasHeader("Origin")) {
609585
origin = request->Request.GetHeader("Origin");
610586
}
587+
if (origin.empty()) {
588+
origin = "*";
589+
}
611590
if (origin) {
612591
stream << "Access-Control-Allow-Origin: " << origin << "\r\n"
613592
<< "Access-Control-Allow-Credentials: true\r\n"
614593
<< "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept,X-Trace-Verbosity,X-Want-Trace\r\n"
615-
<< "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n";
594+
<< "Access-Control-Allow-Methods: OPTIONS, GET, POST, DELETE\r\n"
595+
<< "Allow: OPTIONS, GET, POST, DELETE\r\n";
616596
}
617597
}
618598

0 commit comments

Comments
 (0)