If the webserver should print arguments.
-.. _setting-webserver-allow-cross-origin-requests:
+.. _setting-webserver-cross-origin-request-header:
-``webserver-allow-cross-origin-requests``
+``webserver-cross-origin-request_header``
-----------------------------------------
.. versionadded:: 5.1.0
- String
- Default: empty
-The value if the access-control-allow-origin HTTP header to include. This header is not inluded if the value is empty.
+The value if the access-control-allow-origin HTTP header to include. This header is not included if the value is empty.
.. _setting-write-pid:
^^^^^^^^^^^^^^^^^^^^^
The embedded webserver now does not include a ``access-control-allow-origin: *`` header by default.
-See :ref:`setting-webserver-allow-cross-origin-requests`.
+See :ref:`setting-webserver-cross-origin-request-header`.
zone display
^^^^^^^^^^^^
::arg().set("webserver-max-concurrent-connections", "Webserver/API maximum concurrent connections allowed") = "100";
::arg().set("webserver-connection-timeout", "Webserver/API request/response timeout in seconds") = "5";
::arg().setSwitch("webserver-hash-plaintext-credentials", "Whether to hash passwords and api keys supplied in plaintext, to prevent keeping the plaintext version in memory at runtime") = "no";
- ::arg().set("webserver-allow-cross-origin-requests", "Webserver cross origin request header value") = "";
+ ::arg().set("webserver-cross-origin-request_header", "Webserver cross origin request header value") = "";
::arg().setSwitch("query-logging", "Hint backends that queries should be logged") = "no";
- The :ref:`setting-yaml-outgoing.max_bytesperq` setting has been introduced to limit the amount of incoming bytes per client query.
- The :ref:`setting-yaml-recordcache.max_entry_size` setting has been introduced to limit the maximum size of a stored record set.
- The :ref:`setting-yaml-packetcache.max_entry_size` setting has been introduced to limit the maximum size of a packet cache entry.
-- The :ref:`setting-yaml-webservice.allow_cross_origin_requests` setting has been introduced, default is not set. This is a change of behaviour, as older versions do set the access-control-allow-origin header.
+- The :ref:`setting-yaml-webservice.cross_origin_request_header` setting has been introduced, default is not set. This is a change of behaviour, as older versions do set the access-control-allow-origin header.
5.3.0 to 5.4.0
allow_password: bool,
) {
// security headers
- if !ctx.allow_cross_origin_requests.is_empty() {
- if let Ok(value) = header::HeaderValue::from_str(&ctx.allow_cross_origin_requests) {
+ if !ctx.cross_origin_request_header.is_empty() {
+ if let Ok(value) = header::HeaderValue::from_str(&ctx.cross_origin_request_header) {
headers.insert(
header::ACCESS_CONTROL_ALLOW_ORIGIN,
value,
logger: cxx::SharedPtr<rustmisc::Logger>,
loglevel: rustmisc::LogLevel,
max_request_size: u64,
- allow_cross_origin_requests: String,
+ cross_origin_request_header: String,
}
// Serve a file
response.status = 200;
methods.push(Method::OPTIONS.to_string());
- if !ctx.allow_cross_origin_requests.is_empty() {
+ if !ctx.cross_origin_request_header.is_empty() {
response.headers.push(rustweb::KeyValue {
key: String::from("access-control-allow-origin"),
- value: String::from(ctx.allow_cross_origin_requests.clone()),
+ value: String::from(ctx.cross_origin_request_header.clone()),
});
}
logger: cxx::SharedPtr<rustmisc::Logger>,
loglevel: rustmisc::LogLevel,
max_request_size: u64,
- allow_cross_origin_requests: String,
+ cross_origin_request_header: String,
) -> Result<(), std::io::Error> {
// Context, atomically reference counted
let ctx = Arc::new(Context {
logger,
loglevel,
max_request_size,
- allow_cross_origin_requests,
+ cross_origin_request_header,
});
// We use a single thread to handle all the requests, letting the runtime abstracts from this
logger: SharedPtr<Logger>,
loglevel: LogLevel,
max_request_size: u64,
- allow_cross_origin_requests: String,
+ cross_origin_request_header: String,
) -> Result<()>;
}
"versionchanged": ("4.6.0", "This setting now accepts a hashed and salted version."),
},
{
- "name": "allow_cross_origin_requests",
+ "name": "cross_origin_request_heaer",
"section": "webservice",
"type": LType.String,
"default": "",
// This function returns after having created the web server object that handles the requests.
// That object and its runtime are associated with a Posix thread that waits until all tasks are
// done, which normally never happens. See rec-rust-lib/rust/src/web.rs for details
- pdns::rust::web::rec::serveweb(config, std::move(password), std::move(apikey), std::move(aclPtr), std::move(logPtr), loglevel, arg().asNum("webserver-max-request-size") * 1024ULL * 1024ULL, arg()["allow-cross-origin-requests"]);
+ pdns::rust::web::rec::serveweb(config, std::move(password), std::move(apikey), std::move(aclPtr), std::move(logPtr), loglevel, arg().asNum("webserver-max-request-size") * 1024ULL * 1024ULL, arg()["cross-origin-request-header"]);
}
static void fromCxxToRust(const HttpResponse& cxxresp, pdns::rust::web::rec::Response& rustResponse)
void WebServer::apiWrapper(const WebServer::HandlerFunction& handler, HttpRequest* req, HttpResponse* resp, bool allowPassword)
{
- if (!d_allow_cross_origin_requests.empty()) {
- resp->headers["access-control-allow-origin"] = d_allow_cross_origin_requests;
+ if (!d_cross_origin_request_header.empty()) {
+ resp->headers["access-control-allow-origin"] = d_cross_origin_request_header;
}
if (!d_apikey) {
d_maxbodysize(static_cast<ssize_t>(2 * 1024 * 1024))
{
- YaHTTP::Router::Map("OPTIONS", "/<*url>", [&allowCors = d_allow_cross_origin_requests](YaHTTP::Request *req, YaHTTP::Response *resp) {
+ YaHTTP::Router::Map("OPTIONS", "/<*url>", [&allowCors = d_cross_origin_request_header](YaHTTP::Request *req, YaHTTP::Response *resp) {
// look for url in routes
bool seen = false;
std::vector<std::string> methods;
return d_loglevel;
};
- void setAllowCrossOriginRequests(const std::string& value)
+ void setCrossOriginRequestHeader(const std::string& value)
{
- d_allow_cross_origin_requests = value;
+ d_cross_origin_request_header = value;
}
std::shared_ptr<Logr::Logger> d_slog;
int d_connectiontimeout{5}; // in seconds
NetmaskGroup d_acl;
- std::string d_allow_cross_origin_requests;
+ std::string d_cross_origin_request_header;
const string d_logprefix = "[webserver] ";
d_ws->setMaxBodySize(::arg().asNum("webserver-max-bodysize"));
d_ws->setConnectionTimeout(::arg().asNum("webserver-connection-timeout"));
- d_ws->setAllowCrossOriginRequests(arg()["webserver-allow-cross-origin-requests"]);
+ d_ws->setCrossOriginRequestHeader(arg()["webserver-cross-origin-request-header"]);
d_ws->bind();
}
}
projects / thirdparty / pdns.git / commitdiff
