feat(medusa): Allow regexp in CORS configuration #1935
Conversation
🦋 Changeset detectedLatest commit: 535705e The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
adrien2p
force-pushed
the
feat/cors-allowed-regexp
branch
2 times, most recently
from
b7309e9 to
3633933
Compare
adrien2p
changed the title
olivermrbl
changed the title
olivermrbl
force-pushed
the
feat/cors-allowed-regexp
branch
2 times, most recently
from
ebaadbc to
57f1255
Compare
adrien2p
force-pushed
the
feat/cors-allowed-regexp
branch
2 times, most recently
from
db92c50 to
76d59e4
Compare
|
@olivermrbl do you think that pr could be merge at some point? |
|
@adrien2p Yes, I will give this a review tomorrow :) |
|
I am attempting to configure This should allow requests from origins |
|
@olivermrbl I ve open a pr in the CORS repo as I can't seam to be able to find the culprit expressjs/cors#292 It is also possible that the changeset need to be updated |
|
It is now working properly, just need to double the \ to avoid them to be escaped |
|
That's a great functionality. Question: I believe we will increase quite a lot the size of the plugins if they now depend on medusa core. Should we think about separating the "utils" to a new package? |
I see what you mean, but plugins already depends on the core as they can extend strategies, interfaces, services, and also are already using some utilities. In that case I am afraid it would mean to separate all of those in different packages. Generally speaking, since the plugins have no dependency to the core, but only as a peer dependency, I don't think it is a problem since the core will then not be installed by the plugin. they are normally used in the server and the server install medusa core already wdyt? let me know if I have miss understood something |
|
Sorry, disregard my comment. I see it's listed as a peerDependencies. Even npm will reuse medusa-code if that's is installed. |
adrien2p
force-pushed
the
feat/cors-allowed-regexp
branch
from
26c7c96 to
37d8ce2
Compare
|
@olivermrbl finally all green |
|
Think we should add a guide for this in our documentation. Wdyt? @adrien2p cc. @shahednasser |
|
Yes I agree, we can take the examples we've put in comments of that pr? And we should mention the usage of the utilities in custom routes |
|
I'll add an issue for it in Linear 👍🏻 |
adrien2p
force-pushed
the
feat/cors-allowed-regexp
branch
from
34c8c95 to
532be0e
Compare
|
@olivermrbl, @adrien2p - can we merge this? |
|
Yes, we were just awaiting a green pipeline. After resolving the conflict, we should be good 💪 |
|
@srindom yes sure, i ve tested it and was waiting for someone else to test as well |
What
In some cases, a users that works with a bunch of subdomain would like to be able to configure the cors using a regexp to allow all or a sub set of his sub domains
https://discord.com/channels/876835651130097704/877195433649258536/1002330864216195112
Info
Cors middleware impl authorised it:
https://github.com/expressjs/cors/blob/f038e7722838fd83935674aa8c5bf452766741fb/lib/index.js#L19