Comments (9)
Closing in favor of #3357
from spring-cloud-gateway.
If we remove the header before we dispatch the request in the circuit breaker filter we can avoid the CORS filter. At least that is the one solution I thought of.
Funny, we were discussing this with @spikymonkey before. In theory yes, but I assume you want those headers to be forwarded also to the fallback service. In case they want to validate CORS at that level too.
from spring-cloud-gateway.
Thats what I was wondering, but if the fallback URL is forward
and the CORS has already been validated before the CB is tripped and we are therefore just forwarding the request to another endpoint in the gateway I don't think we need to validate CORS again.
from spring-cloud-gateway.
I took a look at this today, but I am unsure what the right path forward may be.
I am wondering if the Cors configuration should even come into play when the URI is forward:/
since we are forwarding the request to ourselves?
@spencergibb what do you think?
from spring-cloud-gateway.
From the top of my head, the CORS components come from spring-web and it's a Global Web Filter, not a SCG Filter. So I thought it could not be disabled per route.
I kind of expected the solution would be to resolve the forward:/
URL to avoid passing a relative value. Isn't it the case?
from spring-cloud-gateway.
Ah you are right about the CORS filter. When I was debugging the code I was not paying attention to the package and I just assumed it was handled by the Gateway.
Either way it seems like the CORS filter is based off the presence of the Origin
header being present.
https://github.com/spring-projects/spring-framework/blob/main/spring-web/src/main/java/org/springframework/web/cors/reactive/CorsUtils.java#L44
If we remove the header before we dispatch the request in the circuit breaker filter we can avoid the CORS filter. At least that is the one solution I thought of.
from spring-cloud-gateway.
I am wondering if the Cors configuration should even come into play when the URI is forward:/ since we are forwarding the request to ourselves?
Sounds right
I kind of expected the solution would be to resolve the forward:/ URL to avoid passing a relative value.
No, there's nothing to resolve. It's always relative, it can never be a full url.
from spring-cloud-gateway.
If we remove the header before we dispatch the request in the circuit breaker filter we can avoid the CORS filter.
I can't think of another solution than this. Modify ForwardRoutingFilter
, I think.
from spring-cloud-gateway.
In fact, we already have a place to manipulate the request for forwarding
from spring-cloud-gateway.
Related Issues (20)
- the gateway can modify the queryparams of the URL by Get request? HOT 4
- X-Forwarded-Prefix not working when using MVC
- org.springframework.core.io.buffer.DefaultDataBuffer cannot be cast to org.springframework.core.io.buffer.NettyDataBuffer HOT 5
- Spring Native doesn't work with Spring Gateway: java.lang.IllegalStateException: Incompatible Tomcat implementation HOT 2
- spring-cloud-gateway cpu100%
- [Question] Routing of the requests with multipart file upload limitations
- Migrate mvc proxy exchange properties to new namespace and deprecate old
- Migrate webflux proxy exchange properties to new namespace and deprecate old
- Migrate server-webflux properties to new namespace and deprecate old
- Migrate server-webmvc properties to new namespace and deprecate old
- Serve Single Page Applications as static files in Spring Cloud Gateway HOT 5
- Custom GlobalFilter will have undeterministic hehavior when the Order is the same value. HOT 3
- openfeign java.lang.NoClassDefFoundError: feign/Request$Options
- Route pointing to self can be bypassed by direct controller access
- Cors handling with spring cloudgateway mvc HOT 1
- SCG Redis ratelimiter solution has unavailable issues when redis has problems HOT 3
- How can i block"/actuator" endpoint in gateway HOT 3
- can anyone provide a spring-cloud-gateway-mvc sample? HOT 2
- LEAK: ByteBuf.release() error HOT 6
- The cache works differently if the value of local-response-cache.enabled is default false or explicitly false
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-cloud-gateway.