Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Whitelist CORS Origin header values #6

Open
rostgaard opened this issue Dec 6, 2012 · 1 comment
Open

Whitelist CORS Origin header values #6

rostgaard opened this issue Dec 6, 2012 · 1 comment
Assignees
Milestone

Comments

@rostgaard
Copy link
Member

Only add the Access_Control_Allow_Origin and Access_Control_Allow_Credentials headers to the response if the given Origin header is valid.

The whitelist could be maintained as a table in the PostgreSQL database, and then cached locally by Alice. Just remember that this is a lookup that will happen on every single request to Alice, so it needs to be fast.

@ghost ghost assigned ThomasLocke Dec 11, 2012
@rostgaard
Copy link
Member Author

I suggest we use the JSON file -> HashMap -> SIGHUP dance for this one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants