Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: allow configuring allow-headers in grpc-web plugin #10248

Closed
RogueJin opened this issue Sep 22, 2023 · 5 comments · Fixed by #10904
Closed

feat: allow configuring allow-headers in grpc-web plugin #10248

RogueJin opened this issue Sep 22, 2023 · 5 comments · Fixed by #10904
Assignees
@smileby
Labels
feature-request

Comments

@RogueJin
Copy link

Current Behavior

The Access-Control-Allow-Headers is hard coded, which causes cors issue when client needs extra headers.

https://github.com/apache/apisix/blob/master/apisix/plugins/grpc-web.lua

local DEFAULT_CORS_ALLOW_HEADERS = "content-type,x-grpc-web,x-user-agent"

The request from origin 'http://localhost:5245' has been blocked by CORS policy: Request header field grpc-accept-encoding is not allowed by Access-Control-Allow-Headers in preflight response.

Expected Behavior

The header could be overwritten by json, cors plugin or even the upstream api.

the easy way is by json, like this:

{
"uri": "/*",
"name": "grpcweb",
"plugins": {
"cors": {},
"grpc-web": {
"Access-Control-Allow-Headers": "grpc-accept-encoding"
}
},
"upstream_id": "479432631159620291",
"status": 1
}

Error Logs

WeChatWorkScreenshot_dd9ab76e-6716-4f38-9763-8cb3ca02241e

Steps to Reproduce

  1. run APISIX via docker compose
  2. setup upstream grpcweb api
  3. config route
{
  "uri": "/*",
  "name": "grpcweb",
  "plugins": {
    "cors": {},
    "grpc-web": {}
  },
  "upstream_id": "479432631159620291",
  "status": 1
}
  1. curl
curl http://localhost:9080/xxxxxxxxx -X OPTIONS -v

Environment

  • APISIX version (run apisix version): 3.5.0
  • Operating system (run uname -a):
    Linux 49c5eb4d90cd 5.15.49-linuxkit-pr change: added doc of how to load plugin. #1 SMP PREEMPT Thu May 25 07:27:39 UTC 2023 aarch64 GNU/Linux
  • OpenResty / Nginx version (run openresty -V or nginx -V):
    nginx version: openresty/1.21.4.1
    built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
    built with OpenSSL 1.1.1s 1 Nov 2022
    TLS SNI support enabled
  • etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info):
  • APISIX Dashboard version, if relevant:
  • Plugin runner version, for issues related to plugin runners: grpc-web
  • LuaRocks version, for installation issues (run luarocks --version):
@shreemaan-abhishek
Copy link
Contributor

Did you check if adding the header in code solves your error?

@RogueJin
Copy link
Author

yes, I hard coded those headers and fixed the error.

@Revolyssup Revolyssup changed the title bug: the CORS_ALLOW_HEADERS of grpc-web cann feat: allow configuring allow-headers in grpc-web plugin Sep 25, 2023
@Revolyssup
Copy link
Contributor

@RogueJin Thank for reporting. This has been marked as a feature request. This should be straight forward to implement.

@smileby
Copy link
Contributor

smileby commented Jan 25, 2024

@shreemaan-abhishek Please assign it to me and I will complete it

@smileby
Copy link
Contributor

smileby commented Jan 31, 2024

@tzssangglass Do you think there is something wrong with this feature? The cross-domain related functionality seems to have some conflicts with the CORS plugin.

@smileby smileby mentioned this issue Feb 2, 2024
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@smileby smileby

Labels
feature-request
Projects
Apache APISIX backlog
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: allow configuring allow-headers in grpc-web plugin smileby/apisix
4 participants
@RogueJin @smileby @Revolyssup @shreemaan-abhishek