Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for credentials requests #434

Open
wants to merge 4 commits into
base: master
Choose a base branch
from

Conversation

senaev
Copy link

@senaev senaev commented Mar 22, 2018

To serve files with credentials support cross domains we ned to not just add some headers in request, we should also change Access-Control-Allow-Origin header to Origin value from request.

I added a new flag for it, because is is different from --cors logic and may be not safe for users.

@senaev
Copy link
Author

senaev commented Mar 22, 2018

@indexzero this is for dev purposes

@thornjad
Copy link
Member

@senaev would you mind merging/rebasing master?

@thornjad thornjad added this to the v0.12.0 milestone Apr 17, 2019
@thornjad thornjad self-requested a review April 17, 2019 14:51
@thornjad thornjad removed this from the v0.12.0 milestone Apr 17, 2019
# Conflicts:
#	README.md
#	bin/http-server
#	lib/http-server.js
@senaev
Copy link
Author

senaev commented Apr 19, 2019

would you mind merging/rebasing master?

@indexzero @thornjad done

credentials: true,
corsHeaders: 'X-Test'
});
server.listen(8083);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This port is already being used by username/password tests, so we should do 8085 here (8084 is also claimed). This is causing the tests to fail.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👌

Copy link
Author

@senaev senaev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ fixed

credentials: true,
corsHeaders: 'X-Test'
});
server.listen(8083);
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👌

@senaev
Copy link
Author

senaev commented Jun 19, 2019

@thornjad check this please

@github-actions
Copy link

This pull request has been inactive for 360 days

@github-actions github-actions bot added the stale label Aug 25, 2021
Copy link
Member

@thornjad thornjad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Besides this one question, I really like this! Here's what's left to do:

  • documentation in doc/http-server.1
  • Sorry, more merge conflicts to fix up

Comment on lines +34 to +35
' --credentials Cookie credentials can be transferred as part of a CORS request',
' Enables --cors automatically',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm concerned that the name of this switch is too general for its use case, how would you feel about --cookie-credentials or shorten to --cookie-creds or something like that?

@thornjad thornjad added minor version non-breaking, non-trivial change feature and removed stale labels Oct 12, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature minor version non-breaking, non-trivial change
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants