Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please support domain matching in the CORS config #2526

Closed
jmillikin-stripe opened this issue Feb 4, 2018 · 3 comments · Fixed by #3769
Closed

Please support domain matching in the CORS config #2526

jmillikin-stripe opened this issue Feb 4, 2018 · 3 comments · Fixed by #3769
Labels
enhancement Feature requests. Not bugs or questions. help wanted Needs help!

Comments

@jmillikin-stripe
Copy link
Contributor

Description:
The envoy.cors filter injects CORS headers. Currently the outgoing Access-Control-Allow-Origin header is set from a hardcoded set of domains in the Envoy config, so you must know the string-exact name of each domain that will be making requests to the service.

It'd be nice if Envoy could support matching (regex, wildcard, or whatever) on the incoming Origin header. If a match is found, then the outgoing Access-Control-Allow-Origin would be set to the origin as provided by the client.

This would let CORS be useful for sites on dynamically-generated domain names, for example when using a temporary website instance allocated per Github PR.

Relevant Links:
@mattklein123 mattklein123 added enhancement Feature requests. Not bugs or questions. help wanted Needs help! labels Feb 4, 2018
@mattklein123
Copy link
Member

SGTM if anyone would like to work on this.

@alyssawilk
Copy link
Contributor

@codesuki in case he's interested :-)

@codesuki
Copy link
Member

codesuki commented Feb 5, 2018

I am down for it. This is a feature I wanted to implement in the beginning. But the earliest I could start to work on it is middle to end of March. So if nobody picks it up until then, I will.

codesuki added a commit to codesuki/envoy that referenced this issue Jul 1, 2018
@codesuki
cors: allow using regexes to match origins
774ba96 
Resolves envoyproxy#2526

Signed-off-by: Neri Marschik <codesuki@users.noreply.github.com>
@codesuki codesuki mentioned this issue Jul 1, 2018
Merged
mattklein123 pushed a commit that referenced this issue Jul 10, 2018
@codesuki @mattklein123
cors: allow using regexes to match origins (#3769)
00bb039 
Resolves #2526

Signed-off-by: Neri Marschik <codesuki@users.noreply.github.com>
mattklein123 pushed a commit to envoyproxy/data-plane-api that referenced this issue Jul 10, 2018
cors: allow using regexes to match origins (#3769)
09d2c4a 
Resolves envoyproxy/envoy#2526

Signed-off-by: Neri Marschik <codesuki@users.noreply.github.com>

Mirrored from https://github.com/envoyproxy/envoy @ 00bb039a78f66b7cd42acedd9b2d3dc52bfb605d
@lavoiedn lavoiedn mentioned this issue Sep 11, 2018
Closed
@louiscryan louiscryan mentioned this issue Dec 18, 2019
Merged
jpsim added a commit that referenced this issue Nov 28, 2022
@jpsim
ci: fix Sonatype deploys (#2526)
1238112 
Fixes envoyproxy/envoy-mobile#2524

Signed-off-by: JP Simard <jp@jpsim.com>
jpsim added a commit that referenced this issue Nov 29, 2022
@jpsim
ci: fix Sonatype deploys (#2526)
b8b300b 
Fixes envoyproxy/envoy-mobile#2524

Signed-off-by: JP Simard <jp@jpsim.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Feature requests. Not bugs or questions. help wanted Needs help!
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

cors: allow using regexes to match origins codesuki/envoy
4 participants
@codesuki @mattklein123 @alyssawilk @jmillikin-stripe