@abtnode/router-provider 1.16.14-beta-a898bfcb → 1.16.14-beta-d802cd3c

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/lib/default/daemon.js +2 -0
  2. package/lib/nginx/includes/cors-loose +4 -2
  3. package/lib/nginx/includes/cors-strict +2 -1
  4. package/lib/nginx/includes/proxy +6 -5
  5. package/lib/nginx/index.js +3 -1
  6. package/package.json +6 -6
package/lib/default/daemon.js CHANGED
@@ -175,6 +175,7 @@ const corsHandler = (host, req, res) => {
175
175
  if (allowedOrigins.includes('*')) {
176
176
  res.writeHead(204, {
177
177
  Vary: 'Origin',
178
+ // TODO: @zhanghan 需要优先读取应用代码透传的 header
178
179
  'Access-Control-Allow-Origin': '*',
179
180
  'Access-Control-Allow-Credentials': false,
180
181
  'Access-Control-Allow-Methods': 'POST, GET, HEAD, PUT, DELETE, OPTIONS',
@@ -189,6 +190,7 @@ const corsHandler = (host, req, res) => {
189
190
  if (allowedOrigins.some((x) => checkDomainMatch(x, currentOrigin))) {
190
191
  res.writeHead(204, {
191
192
  Vary: 'Origin',
193
+ // TODO: @zhanghan 需要优先读取应用代码透传的 header
192
194
  'Access-Control-Allow-Origin': currentOrigin,
193
195
  'Access-Control-Allow-Credentials': false,
194
196
  'Access-Control-Allow-Methods': 'POST, GET, HEAD, PUT, DELETE, OPTIONS',
package/lib/nginx/includes/cors-loose CHANGED
@@ -1,6 +1,8 @@
1
- add_header Access-Control-Allow-Credentials false always;
1
+ # TODO: 需要优先读取应用代码透传的 header
2
+ # add_header Access-Control-Allow-Credentials false always;
2
3
  add_header Vary Origin always;
3
4
  add_header Access-Control-Allow-Methods "POST, GET, HEAD, PUT, DELETE, OPTIONS" always;
4
5
  add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,$http_access_control_request_headers";
5
- add_header Access-Control-Allow-Origin * always;
6
+ # TODO: 需要优先读取应用代码透传的 header
7
+ # add_header Access-Control-Allow-Origin * always;
6
8
  add_header Access-Control-Max-Age 1800;
package/lib/nginx/includes/cors-strict CHANGED
@@ -1,4 +1,5 @@
1
- add_header Access-Control-Allow-Credentials false always;
1
+ # TODO: 需要优先读取应用代码透传的 header
2
+ # add_header Access-Control-Allow-Credentials false always;
2
3
  add_header Vary Origin always;
3
4
  add_header Access-Control-Allow-Methods "POST, GET, HEAD, PUT, DELETE, OPTIONS" always;
4
5
  add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,$http_access_control_request_headers";
package/lib/nginx/includes/proxy CHANGED
@@ -1,8 +1,9 @@
1
- proxy_hide_header Access-Control-Allow-Credentials;
2
- proxy_hide_header Vary;
3
- proxy_hide_header Access-Control-Allow-Origin;
4
- proxy_hide_header Access-Control-Allow-Methods;
5
- proxy_hide_header X-Powered-By;
1
+ # TODO: 需要优先读取应用代码透传的 header
2
+ # proxy_hide_header Access-Control-Allow-Credentials;
3
+ # proxy_hide_header Vary;
4
+ # proxy_hide_header Access-Control-Allow-Origin;
5
+ # proxy_hide_header Access-Control-Allow-Methods;
6
+ # proxy_hide_header X-Powered-By;
6
7
 
7
8
  proxy_set_header Host $host;
8
9
  proxy_set_header X-Real-IP $remote_addr;
package/lib/nginx/index.js CHANGED
@@ -883,12 +883,14 @@ class NginxProvider extends BaseProvider {
883
883
  location._add('include', 'includes/cors-loose');
884
884
  location._add('include', 'includes/security');
885
885
  } else {
886
+ // TODO: @zhanghan 此处是否需要变更默认的值,如果在逻辑代码中有指定的 Access-Control-Allow-Origin,则应该优先遵守逻辑代码中的配置
886
887
  location._add('add_header', `Access-Control-Allow-Origin $allow_origin_${md5(serverName)} always`);
887
888
  location._add('include', 'includes/cors-strict');
888
889
  location._add('include', 'includes/security');
889
890
  }
890
891
 
891
- location._addVerbatimBlock('if ($request_method = "OPTIONS")', 'return 204;');
892
+ // TODO: @zhanghan 统一登录需要自行处理 options 请求的逻辑
893
+ // location._addVerbatimBlock('if ($request_method = "OPTIONS")', 'return 204;');
892
894
  } else {
893
895
  location._add('include', 'includes/security');
894
896
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@abtnode/router-provider",
3
- "version": "1.16.14-beta-a898bfcb",
3
+ "version": "1.16.14-beta-d802cd3c",
4
4
  "description": "Routing engine implementations for abt node",
5
5
  "author": "polunzh <polunzh@gmail.com>",
6
6
  "homepage": "https://github.com/ArcBlock/blocklet-server#readme",
@@ -32,10 +32,10 @@
32
32
  "url": "https://github.com/ArcBlock/blocklet-server/issues"
33
33
  },
34
34
  "dependencies": {
35
- "@abtnode/constant": "1.16.14-beta-a898bfcb",
36
- "@abtnode/logger": "1.16.14-beta-a898bfcb",
37
- "@abtnode/router-templates": "1.16.14-beta-a898bfcb",
38
- "@abtnode/util": "1.16.14-beta-a898bfcb",
35
+ "@abtnode/constant": "1.16.14-beta-d802cd3c",
36
+ "@abtnode/logger": "1.16.14-beta-d802cd3c",
37
+ "@abtnode/router-templates": "1.16.14-beta-d802cd3c",
38
+ "@abtnode/util": "1.16.14-beta-d802cd3c",
39
39
  "@arcblock/http-proxy": "^1.19.1",
40
40
  "axios": "^0.27.2",
41
41
  "debug": "^4.3.4",
@@ -59,5 +59,5 @@
59
59
  "bluebird": "^3.7.2",
60
60
  "fs-extra": "^10.1.0"
61
61
  },
62
- "gitHead": "1e6f2ec5199ca28e106a6b02114f2a3f355b3ceb"
62
+ "gitHead": "f8e2dcefd8d6876e5dedee833ac976b4a0496b20"
63
63
  }