fix(cors): allowOriginStringMatch & allowMethods are required

Signed-off-by: spacewander <[email protected]>
mosn · Dec 13, 2024 · 509385d · 509385d
1 parent a065daf
commit 509385d
Show file tree

Hide file tree

Showing 4 changed files with 96 additions and 3 deletions.
diff --git a/site/content/en/docs/reference/plugins/cors.md b/site/content/en/docs/reference/plugins/cors.md
@@ -16,7 +16,7 @@ The `cors` plugin handles Cross-Origin Resource Sharing requests by leveraging E
 
 ## Configuration
 
-See the corresponding [Envoy documentation](https://www.envoyproxy.io/docs/envoy/v1.29.5/configuration/http/http_filters/cors_filter).
+See the corresponding [Envoy documentation](https://www.envoyproxy.io/docs/envoy/v1.29.5/configuration/http/http_filters/cors_filter). Unlike the configuration in Envoy, the `allowOriginStringMatch` and `allowMethods` here are required.
 
 ## Usage
 

diff --git a/site/content/zh-hans/docs/reference/plugins/cors.md b/site/content/zh-hans/docs/reference/plugins/cors.md
@@ -16,7 +16,7 @@ title: CORS
 
 ## 配置
 
-请参阅相应的 [Envoy 文档](https://www.envoyproxy.io/docs/envoy/v1.29.5/configuration/http/http_filters/cors_filter)。
+请参阅相应的 [Envoy 文档](https://www.envoyproxy.io/docs/envoy/v1.29.5/configuration/http/http_filters/cors_filter)。注意和 Envoy 默认配置不同，`allowOriginStringMatch` 和 `allowMethods` 是必须的。
 
 ## 用法
 

diff --git a/types/plugins/cors/config.go b/types/plugins/cors/config.go
@@ -15,6 +15,8 @@
 package cors
 
 import (
+	"fmt"
+
 	cors "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cors/v3"
 
 	"mosn.io/htnn/api/pkg/filtermanager/api"
@@ -44,6 +46,27 @@ func (p *Plugin) Order() plugins.PluginOrder {
 	}
 }
 
+type CustomConfig struct {
+	cors.CorsPolicy
+}
+
+func (conf *CustomConfig) Validate() error {
+	err := conf.CorsPolicy.Validate()
+	if err != nil {
+		return err
+	}
+
+	if len(conf.CorsPolicy.GetAllowOriginStringMatch()) == 0 {
+		return fmt.Errorf("cors allowOriginStringMatch is required")
+	}
+
+	if len(conf.CorsPolicy.GetAllowMethods()) == 0 {
+		return fmt.Errorf("cors allowMethods is required")
+	}
+
+	return nil
+}
+
 func (p *Plugin) Config() api.PluginConfig {
-	return &cors.CorsPolicy{}
+	return &CustomConfig{}
 }
diff --git a/types/plugins/cors/config_test.go b/types/plugins/cors/config_test.go
@@ -0,0 +1,70 @@
+// Copyright The HTNN Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cors
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"google.golang.org/protobuf/encoding/protojson"
+)
+
+func TestConfig(t *testing.T) {
+	tests := []struct {
+		name  string
+		input string
+		err   string
+	}{
+		{
+			name: "validate allowOriginStringMatch",
+			input: `
+{
+  "allowMethods": "POST"
+}
+			`,
+			err: "cors allowOriginStringMatch is required",
+		},
+		{
+			name: "validate allowMethods",
+			input: `
+{
+  "allowOriginStringMatch": [
+    {
+      "safeRegex": {
+        "regex": ".*\\.default\\.local"
+      }
+    }
+  ]
+}
+			`,
+			err: "cors allowMethods is required",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			conf := &CustomConfig{}
+			err := protojson.Unmarshal([]byte(tt.input), conf)
+			if err == nil {
+				err = conf.Validate()
+			}
+			if tt.err == "" {
+				assert.Nil(t, err)
+			} else {
+				assert.ErrorContains(t, err, tt.err)
+			}
+		})
+	}
+}