From d6abf3dbab12367ba4a63c2b4867e04ea52b447b Mon Sep 17 00:00:00 2001 From: Andrew Low Date: Wed, 31 Jul 2024 18:24:29 -0400 Subject: [PATCH] always enable cors middleware, even on failing requests changelog update e2e_regression test cases --- .changelog/733.trivial.md | 1 + cmd/api/api.go | 4 +++- tests/e2e_regression/damask/expected/bad_account.headers | 1 + tests/e2e_regression/damask/expected/bad_node.headers | 1 + tests/e2e_regression/damask/expected/spec.headers | 1 + tests/e2e_regression/damask/expected/trailing_slash.headers | 1 + tests/e2e_regression/eden/expected/bad_account.headers | 1 + tests/e2e_regression/eden/expected/bad_node.headers | 1 + tests/e2e_regression/eden/expected/spec.headers | 1 + tests/e2e_regression/eden/expected/trailing_slash.headers | 1 + 10 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 .changelog/733.trivial.md diff --git a/.changelog/733.trivial.md b/.changelog/733.trivial.md new file mode 100644 index 000000000..ddccf371c --- /dev/null +++ b/.changelog/733.trivial.md @@ -0,0 +1 @@ +api: always enable cors diff --git a/cmd/api/api.go b/cmd/api/api.go index a5781d7f4..cd4799634 100644 --- a/cmd/api/api.go +++ b/cmd/api/api.go @@ -183,11 +183,13 @@ func (s *Service) Start() { BaseURL: v1BaseURL, Middlewares: []apiTypes.MiddlewareFunc{ api.RuntimeFromURLMiddleware(v1BaseURL), - api.CorsMiddleware, }, BaseRouter: baseRouter, ErrorHandlerFunc: api.HumanReadableJsonErrorHandler, }) + // Manually apply the CORS middleware; we want it to run always. + // HandlerWithOptions() above does not apply it to some requests (404 URLs, requests with bad params, etc.). + handler = api.CorsMiddleware(handler) // Manually apply the metrics middleware; we want it to run always, and at the outermost layer. // HandlerWithOptions() above does not apply it to some requests (404 URLs, requests with bad params, etc.). handler = api.MetricsMiddleware(metrics.NewDefaultRequestMetrics(moduleName), *s.logger)(handler) diff --git a/tests/e2e_regression/damask/expected/bad_account.headers b/tests/e2e_regression/damask/expected/bad_account.headers index 448e08e32..c52b02ddd 100644 --- a/tests/e2e_regression/damask/expected/bad_account.headers +++ b/tests/e2e_regression/damask/expected/bad_account.headers @@ -1,5 +1,6 @@ HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 +Vary: Origin X-Content-Type-Options: nosniff Date: UNINTERESTING Content-Length: UNINTERESTING diff --git a/tests/e2e_regression/damask/expected/bad_node.headers b/tests/e2e_regression/damask/expected/bad_node.headers index 448e08e32..c52b02ddd 100644 --- a/tests/e2e_regression/damask/expected/bad_node.headers +++ b/tests/e2e_regression/damask/expected/bad_node.headers @@ -1,5 +1,6 @@ HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 +Vary: Origin X-Content-Type-Options: nosniff Date: UNINTERESTING Content-Length: UNINTERESTING diff --git a/tests/e2e_regression/damask/expected/spec.headers b/tests/e2e_regression/damask/expected/spec.headers index a49fe6d4c..155171ce6 100644 --- a/tests/e2e_regression/damask/expected/spec.headers +++ b/tests/e2e_regression/damask/expected/spec.headers @@ -3,5 +3,6 @@ Accept-Ranges: bytes Content-Length: UNINTERESTING Content-Type: application/x-yaml Last-Modified: UNINTERESTING +Vary: Origin Date: UNINTERESTING diff --git a/tests/e2e_regression/damask/expected/trailing_slash.headers b/tests/e2e_regression/damask/expected/trailing_slash.headers index 3f6b0a5fa..4213d8f3e 100644 --- a/tests/e2e_regression/damask/expected/trailing_slash.headers +++ b/tests/e2e_regression/damask/expected/trailing_slash.headers @@ -1,5 +1,6 @@ HTTP/1.1 404 Not Found Content-Type: text/plain; charset=utf-8 +Vary: Origin X-Content-Type-Options: nosniff Date: UNINTERESTING Content-Length: UNINTERESTING diff --git a/tests/e2e_regression/eden/expected/bad_account.headers b/tests/e2e_regression/eden/expected/bad_account.headers index 448e08e32..c52b02ddd 100644 --- a/tests/e2e_regression/eden/expected/bad_account.headers +++ b/tests/e2e_regression/eden/expected/bad_account.headers @@ -1,5 +1,6 @@ HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 +Vary: Origin X-Content-Type-Options: nosniff Date: UNINTERESTING Content-Length: UNINTERESTING diff --git a/tests/e2e_regression/eden/expected/bad_node.headers b/tests/e2e_regression/eden/expected/bad_node.headers index 448e08e32..c52b02ddd 100644 --- a/tests/e2e_regression/eden/expected/bad_node.headers +++ b/tests/e2e_regression/eden/expected/bad_node.headers @@ -1,5 +1,6 @@ HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 +Vary: Origin X-Content-Type-Options: nosniff Date: UNINTERESTING Content-Length: UNINTERESTING diff --git a/tests/e2e_regression/eden/expected/spec.headers b/tests/e2e_regression/eden/expected/spec.headers index a49fe6d4c..155171ce6 100644 --- a/tests/e2e_regression/eden/expected/spec.headers +++ b/tests/e2e_regression/eden/expected/spec.headers @@ -3,5 +3,6 @@ Accept-Ranges: bytes Content-Length: UNINTERESTING Content-Type: application/x-yaml Last-Modified: UNINTERESTING +Vary: Origin Date: UNINTERESTING diff --git a/tests/e2e_regression/eden/expected/trailing_slash.headers b/tests/e2e_regression/eden/expected/trailing_slash.headers index 3f6b0a5fa..4213d8f3e 100644 --- a/tests/e2e_regression/eden/expected/trailing_slash.headers +++ b/tests/e2e_regression/eden/expected/trailing_slash.headers @@ -1,5 +1,6 @@ HTTP/1.1 404 Not Found Content-Type: text/plain; charset=utf-8 +Vary: Origin X-Content-Type-Options: nosniff Date: UNINTERESTING Content-Length: UNINTERESTING