From 4ae96e7d8e54f508ed0680d78cf37196c6954638 Mon Sep 17 00:00:00 2001 From: Robert Lucian Chiriac Date: Thu, 3 Dec 2020 14:48:30 +0200 Subject: [PATCH 1/5] Fix CORS --- pkg/workloads/cortex/serve/nginx.conf.j2 | 2 +- pkg/workloads/cortex/serve/serve.py | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/pkg/workloads/cortex/serve/nginx.conf.j2 b/pkg/workloads/cortex/serve/nginx.conf.j2 index e7e14fef93..bc4cf18efe 100644 --- a/pkg/workloads/cortex/serve/nginx.conf.j2 +++ b/pkg/workloads/cortex/serve/nginx.conf.j2 @@ -87,7 +87,7 @@ http { add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Headers "*"; - add_header Access-Control-Allow-Methods "GET, POST"; + add_header Access-Control-Allow-Methods "GET, HEAD, POST"; add_header Access-Control-Allow-Credentials "true"; proxy_set_header HOST $host; diff --git a/pkg/workloads/cortex/serve/serve.py b/pkg/workloads/cortex/serve/serve.py index e47923bb4d..425a2ae10a 100644 --- a/pkg/workloads/cortex/serve/serve.py +++ b/pkg/workloads/cortex/serve/serve.py @@ -26,6 +26,7 @@ from typing import Any from fastapi import Body, FastAPI +from fastapi.middleware.cors import CORSMiddleware from fastapi.exceptions import RequestValidationError from starlette.requests import Request from starlette.responses import Response, PlainTextResponse, JSONResponse @@ -52,6 +53,14 @@ app = FastAPI() +app.add_middleware( + CORSMiddleware, + allow_origins=["*"], + allow_credentials=True, + allow_methods=["GET", "HEAD", "POST"], + allow_headers=["*"], +) + local_cache = { "api": None, "provider": None, @@ -338,6 +347,6 @@ def start_fn(): logger().warn("an error occurred while attempting to load classes", exc_info=True) app.add_api_route(local_cache["predict_route"], predict, methods=["POST"]) - app.add_api_route(local_cache["predict_route"], get_summary, methods=["GET"]) + app.add_api_route(local_cache["predict_route"], get_summary, methods=["GET", "HEAD"]) return app From ebc4956d106f96539aa7b4a63a3a834ae3c5ab16 Mon Sep 17 00:00:00 2001 From: David Eliahu Date: Thu, 3 Dec 2020 09:23:57 -0800 Subject: [PATCH 2/5] Update CORS --- pkg/workloads/cortex/serve/nginx.conf.j2 | 36 ++++++++++++++++++------ pkg/workloads/cortex/serve/serve.py | 11 +------- 2 files changed, 28 insertions(+), 19 deletions(-) diff --git a/pkg/workloads/cortex/serve/nginx.conf.j2 b/pkg/workloads/cortex/serve/nginx.conf.j2 index bc4cf18efe..c83facd289 100644 --- a/pkg/workloads/cortex/serve/nginx.conf.j2 +++ b/pkg/workloads/cortex/serve/nginx.conf.j2 @@ -83,17 +83,35 @@ http { } location ~ ^/(predict/?|)$ { - limit_conn inflights {{ CORTEX_MAX_REPLICA_CONCURRENCY | int }}; + # CORS (https://enable-cors.org/server_nginx.html) + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' '*'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain; charset=utf-8'; + add_header 'Content-Length' 0; + return 204; + } + if ($request_method = 'POST') { + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' '*'; + add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; + } + if ($request_method = 'GET') { + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' '*'; + add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; + } - add_header Access-Control-Allow-Origin "*"; - add_header Access-Control-Allow-Headers "*"; - add_header Access-Control-Allow-Methods "GET, HEAD, POST"; - add_header Access-Control-Allow-Credentials "true"; + limit_conn inflights {{ CORTEX_MAX_REPLICA_CONCURRENCY | int }}; - proxy_set_header HOST $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header 'HOST' $host; + proxy_set_header 'X-Forwarded-For' $proxy_add_x_forwarded_for; + proxy_set_header 'X-Real-IP' $remote_addr; + proxy_set_header 'X-Forwarded-Proto' $scheme; proxy_redirect off; proxy_buffering off; diff --git a/pkg/workloads/cortex/serve/serve.py b/pkg/workloads/cortex/serve/serve.py index 425a2ae10a..e47923bb4d 100644 --- a/pkg/workloads/cortex/serve/serve.py +++ b/pkg/workloads/cortex/serve/serve.py @@ -26,7 +26,6 @@ from typing import Any from fastapi import Body, FastAPI -from fastapi.middleware.cors import CORSMiddleware from fastapi.exceptions import RequestValidationError from starlette.requests import Request from starlette.responses import Response, PlainTextResponse, JSONResponse @@ -53,14 +52,6 @@ app = FastAPI() -app.add_middleware( - CORSMiddleware, - allow_origins=["*"], - allow_credentials=True, - allow_methods=["GET", "HEAD", "POST"], - allow_headers=["*"], -) - local_cache = { "api": None, "provider": None, @@ -347,6 +338,6 @@ def start_fn(): logger().warn("an error occurred while attempting to load classes", exc_info=True) app.add_api_route(local_cache["predict_route"], predict, methods=["POST"]) - app.add_api_route(local_cache["predict_route"], get_summary, methods=["GET", "HEAD"]) + app.add_api_route(local_cache["predict_route"], get_summary, methods=["GET"]) return app From 5f0a3aaf52da994b631877147a18631ed43646c3 Mon Sep 17 00:00:00 2001 From: David Eliahu Date: Thu, 3 Dec 2020 09:27:47 -0800 Subject: [PATCH 3/5] Update nginx.conf.j2 --- pkg/workloads/cortex/serve/nginx.conf.j2 | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/workloads/cortex/serve/nginx.conf.j2 b/pkg/workloads/cortex/serve/nginx.conf.j2 index c83facd289..dc865c8850 100644 --- a/pkg/workloads/cortex/serve/nginx.conf.j2 +++ b/pkg/workloads/cortex/serve/nginx.conf.j2 @@ -83,7 +83,7 @@ http { } location ~ ^/(predict/?|)$ { - # CORS (https://enable-cors.org/server_nginx.html) + # CORS (inspired by https://enable-cors.org/server_nginx.html) if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; @@ -105,6 +105,12 @@ http { add_header 'Access-Control-Allow-Headers' '*'; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; } + if ($request_method = 'HEAD') { + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' '*'; + add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; + } limit_conn inflights {{ CORTEX_MAX_REPLICA_CONCURRENCY | int }}; From 323362fafddd8c3c52f5316ffd462805e30dbdbd Mon Sep 17 00:00:00 2001 From: David Eliahu Date: Thu, 3 Dec 2020 09:40:53 -0800 Subject: [PATCH 4/5] Remove HEAD --- pkg/workloads/cortex/serve/nginx.conf.j2 | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/pkg/workloads/cortex/serve/nginx.conf.j2 b/pkg/workloads/cortex/serve/nginx.conf.j2 index dc865c8850..e35a30d36b 100644 --- a/pkg/workloads/cortex/serve/nginx.conf.j2 +++ b/pkg/workloads/cortex/serve/nginx.conf.j2 @@ -86,7 +86,7 @@ http { # CORS (inspired by https://enable-cors.org/server_nginx.html) if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' '*'; add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain; charset=utf-8'; @@ -95,19 +95,13 @@ http { } if ($request_method = 'POST') { add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' '*'; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; } if ($request_method = 'GET') { add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' '*'; - add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; - } - if ($request_method = 'HEAD') { - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' '*'; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; } From 4e5870480dbd461605b296d24ebe6adea4007cb0 Mon Sep 17 00:00:00 2001 From: David Eliahu Date: Thu, 3 Dec 2020 10:31:18 -0800 Subject: [PATCH 5/5] Update nginx.conf.j2 --- pkg/workloads/cortex/serve/nginx.conf.j2 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/workloads/cortex/serve/nginx.conf.j2 b/pkg/workloads/cortex/serve/nginx.conf.j2 index e35a30d36b..1681e0575d 100644 --- a/pkg/workloads/cortex/serve/nginx.conf.j2 +++ b/pkg/workloads/cortex/serve/nginx.conf.j2 @@ -88,6 +88,7 @@ http { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' '*'; + add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain; charset=utf-8'; add_header 'Content-Length' 0; @@ -97,12 +98,14 @@ http { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' '*'; + add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; } if ($request_method = 'GET') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' '*'; + add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; }