Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add allowHeaders to Options #6044

Merged
merged 5 commits into from
Sep 12, 2019
Merged

feat: add allowHeaders to Options #6044

merged 5 commits into from
Sep 12, 2019

Conversation

omairvaiyani
Copy link
Contributor

@omairvaiyani omairvaiyani commented Sep 12, 2019
edited
Loading

This allows developers to use custom headers in their API requests, and they will be accepted by their mounted app.

const server = new ParseServer({
...
allowHeaders: ['X-My-Key', 'X-Some-Header'],
...
})

Currently, if you try to send an API request with any custom headers, you receive a preflight error due to this static function. With this optional setting, our users can add their own headers to the allowed list.

@omairvaiyani
feat: add allowHeaders to Options
c14cf9c 
This allows developers to use custom headers in their API requests, and they will be accepted by their mounted app.
omairvaiyani
omairvaiyani commented Sep 12, 2019
View reviewed changes
src/Config.js
return `${this.publicServerURL}/apps/${
this.applicationId
}/request_password_reset`;
return `${this.publicServerURL}/apps/${this.applicationId}/request_password_reset`;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure what happened here - maybe the pre-commit ran a formatter through it!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah it’s prettier

@dplewis
Copy link
Member

dplewis commented Sep 12, 2019

Nice! Can you add a few test cases?

omairvaiyani
omairvaiyani commented Sep 12, 2019
View reviewed changes
src/middlewares.js Outdated
@@ -280,12 +284,17 @@ function decodeBase64(str) {
}

export function allowCrossDomain(req, res, next) {
const config = Config.get(
req.get('X-Parse-Application-Id', getMountForRequest(req))
Copy link
Contributor Author

@omairvaiyani omairvaiyani Sep 12, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm making an assumption here that Config.get will gracefully handle empty parameters and return an undefined config. If not, I'll need to add some checks to ensure we have an appId and mount before looking for the config.

@omairvaiyani
Copy link
Contributor Author

@dplewis Yup just looking for the best spec file to put them!

@dplewis
Copy link
Member

dplewis commented Sep 12, 2019
edited
Loading

Can you add it to the definitions? Thats how options are generated. A test to check that the option is actually set.

You can check here;

@omairvaiyani
refactor: convert allowCrossDomain to generator to add appId in scope
0e974ed 
This is necessary as the middleware may run in OPTIONS request that do not contain the appId within the header.
@codecov
Copy link

codecov bot commented Sep 12, 2019
edited
Loading

Codecov Report

Merging #6044 into master will decrease coverage by 10.55%.
The diff coverage is 67.85%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master   #6044       +/-   ##
==========================================
- Coverage   93.75%   83.2%   -10.56%     
==========================================
  Files         164     164               
  Lines       11128   11144       +16     
==========================================
- Hits        10433    9272     -1161     
- Misses        695    1872     +1177
Impacted Files Coverage Δ
src/Options/index.js 100% <ø> (ø) ⬆️
src/Options/Definitions.js 100% <ø> (ø) ⬆️
src/ParseServer.js 97.53% <100%> (ø) ⬆️
src/Config.js 89.6% <30%> (-5.23%) ⬇️
src/middlewares.js 97.7% <88.23%> (-0.51%) ⬇️
...dapters/Storage/Postgres/PostgresStorageAdapter.js 2.98% <0%> (-94.11%) ⬇️
src/Adapters/Storage/Postgres/PostgresClient.js 78.57% <0%> (-7.15%) ⬇️
src/Controllers/UserController.js 93.45% <0%> (-0.94%) ⬇️
src/Routers/UsersRouter.js 93.54% <0%> (-0.65%) ⬇️
src/RestWrite.js 93.39% <0%> (-0.17%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 63cabb8...4cf0383. Read the comment docs.

@davimacedo davimacedo requested a review from dplewis September 12, 2019 20:49
@davimacedo davimacedo merged commit eef530b into parse-community:master Sep 12, 2019
@omairvaiyani omairvaiyani deleted the configure-allowed-headers branch September 13, 2019 08:13
UnderratedDev pushed a commit to UnderratedDev/parse-server that referenced this pull request Mar 21, 2020
@omairvaiyani @davimacedo
feat: add allowHeaders to Options (parse-community#6044)
441dddb 
* feat: add allowHeaders to Options

This allows developers to use custom headers in their API requests, and they will be accepted by their mounted app.

* refactor: convert allowCrossDomain to generator to add appId in scope

This is necessary as the middleware may run in OPTIONS request that do not contain the appId within the header.

* chore: update Definitions and docs

* fix: update test to use new allowCrossDomain params

* chore: add tests for allowCustomDomain middleware re: allowHeadrs
@parseplatformorg parseplatformorg mentioned this pull request May 6, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dplewis dplewis dplewis approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@omairvaiyani @dplewis @davimacedo