Skip to content

Commit 89a88d8

Browse files
committed
refactor: update CORS variable naming
Refs: NS-192
1 parent 6cd6403 commit 89a88d8

2 files changed

Lines changed: 6 additions & 6 deletions

File tree

notification_service/settings.py

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -23,8 +23,8 @@
2323
env = environ.Env(
2424
ALLOWED_HOSTS=(list, []),
2525
CACHE_URL=(str, "locmemcache://"),
26-
CORS_ORIGIN_ALLOW_ALL=(bool, False),
27-
CORS_ORIGIN_WHITELIST=(list, []),
26+
CORS_ALLOW_ALL_ORIGINS=(bool, False),
27+
CORS_ALLOWED_ORIGINS=(list, []),
2828
DATABASE_URL=(str, ""),
2929
DEBUG=(bool, False),
3030
DEFAULT_FROM_EMAIL=(str, "no-reply@hel.ninja"),
@@ -157,8 +157,8 @@
157157
}
158158
]
159159

160-
CORS_ALLOWED_ORIGINS = env.list("CORS_ORIGIN_WHITELIST")
161-
CORS_ORIGIN_ALLOW_ALL = env.bool("CORS_ORIGIN_ALLOW_ALL")
160+
CORS_ALLOWED_ORIGINS = env.list("CORS_ALLOWED_ORIGINS")
161+
CORS_ALLOW_ALL_ORIGINS = env.bool("CORS_ALLOW_ALL_ORIGINS")
162162
CORS_ALLOW_CREDENTIALS = True
163163

164164
# Configure the default CSP rule for different source types

notification_service/tests/test_cors.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ def test_cors_allowed_origin(settings, live_server, client: Client):
77
settings.CORS_ALLOWED_ORIGINS = [
88
live_server.url,
99
]
10-
settings.CORS_ORIGIN_ALLOW_ALL = False
10+
settings.CORS_ALLOW_ALL_ORIGINS = False
1111
response = client.get("/admin/login/", HTTP_ORIGIN=live_server.url)
1212
assert response.status_code == 200
1313
assert response["Access-Control-Allow-Origin"] == live_server.url
@@ -16,7 +16,7 @@ def test_cors_allowed_origin(settings, live_server, client: Client):
1616
@pytest.mark.django_db
1717
def test_cors_disallowed_origin(settings, live_server, client: Client):
1818
settings.CORS_ALLOWED_ORIGINS = [live_server.url]
19-
settings.CORS_ORIGIN_ALLOW_ALL = False
19+
settings.CORS_ALLOW_ALL_ORIGINS = False
2020
response = client.get("/admin/login/", HTTP_ORIGIN="http://malicious.com")
2121
assert response.status_code == 200 # The request still succeeds...
2222
assert (

0 commit comments

Comments
 (0)