зеркало из https://github.com/microsoft/docker.git
Add cors header flag and leave boolean flag not changed
Deprecate api-enable-cors Update docs & man files Signed-off-by: harry zhang <resouer@163.com>
This commit is contained in:
Родитель
8e107a9321
Коммит
f3dd2db4ff
|
@ -1229,8 +1229,9 @@ func optionsHandler(eng *engine.Engine, version version.Version, w http.Response
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
func writeCorsHeaders(w http.ResponseWriter, r *http.Request) {
|
func writeCorsHeaders(w http.ResponseWriter, r *http.Request, corsHeaders string) {
|
||||||
w.Header().Add("Access-Control-Allow-Origin", "*")
|
log.Debugf("CORS header is enabled and set to: %s", corsHeaders)
|
||||||
|
w.Header().Add("Access-Control-Allow-Origin", corsHeaders)
|
||||||
w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Registry-Auth")
|
w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Registry-Auth")
|
||||||
w.Header().Add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
|
w.Header().Add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
|
||||||
}
|
}
|
||||||
|
@ -1240,7 +1241,7 @@ func ping(eng *engine.Engine, version version.Version, w http.ResponseWriter, r
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func makeHttpHandler(eng *engine.Engine, logging bool, localMethod string, localRoute string, handlerFunc HttpApiFunc, enableCors bool, dockerVersion version.Version) http.HandlerFunc {
|
func makeHttpHandler(eng *engine.Engine, logging bool, localMethod string, localRoute string, handlerFunc HttpApiFunc, corsHeaders string, dockerVersion version.Version) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
// log the request
|
// log the request
|
||||||
log.Debugf("Calling %s %s", localMethod, localRoute)
|
log.Debugf("Calling %s %s", localMethod, localRoute)
|
||||||
|
@ -1259,8 +1260,8 @@ func makeHttpHandler(eng *engine.Engine, logging bool, localMethod string, local
|
||||||
if version == "" {
|
if version == "" {
|
||||||
version = api.APIVERSION
|
version = api.APIVERSION
|
||||||
}
|
}
|
||||||
if enableCors {
|
if corsHeaders != "" {
|
||||||
writeCorsHeaders(w, r)
|
writeCorsHeaders(w, r, corsHeaders)
|
||||||
}
|
}
|
||||||
|
|
||||||
if version.GreaterThan(api.APIVERSION) {
|
if version.GreaterThan(api.APIVERSION) {
|
||||||
|
@ -1302,7 +1303,8 @@ func AttachProfiler(router *mux.Router) {
|
||||||
router.HandleFunc("/debug/pprof/threadcreate", pprof.Handler("threadcreate").ServeHTTP)
|
router.HandleFunc("/debug/pprof/threadcreate", pprof.Handler("threadcreate").ServeHTTP)
|
||||||
}
|
}
|
||||||
|
|
||||||
func createRouter(eng *engine.Engine, logging, enableCors bool, dockerVersion string) *mux.Router {
|
// we keep enableCors just for legacy usage, need to be removed in the future
|
||||||
|
func createRouter(eng *engine.Engine, logging, enableCors bool, corsHeaders string, dockerVersion string) *mux.Router {
|
||||||
r := mux.NewRouter()
|
r := mux.NewRouter()
|
||||||
if os.Getenv("DEBUG") != "" {
|
if os.Getenv("DEBUG") != "" {
|
||||||
AttachProfiler(r)
|
AttachProfiler(r)
|
||||||
|
@ -1364,6 +1366,12 @@ func createRouter(eng *engine.Engine, logging, enableCors bool, dockerVersion st
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// If "api-cors-header" is not given, but "api-enable-cors" is true, we set cors to "*"
|
||||||
|
// otherwise, all head values will be passed to HTTP handler
|
||||||
|
if corsHeaders == "" && enableCors {
|
||||||
|
corsHeaders = "*"
|
||||||
|
}
|
||||||
|
|
||||||
for method, routes := range m {
|
for method, routes := range m {
|
||||||
for route, fct := range routes {
|
for route, fct := range routes {
|
||||||
log.Debugf("Registering %s, %s", method, route)
|
log.Debugf("Registering %s, %s", method, route)
|
||||||
|
@ -1373,7 +1381,7 @@ func createRouter(eng *engine.Engine, logging, enableCors bool, dockerVersion st
|
||||||
localMethod := method
|
localMethod := method
|
||||||
|
|
||||||
// build the handler function
|
// build the handler function
|
||||||
f := makeHttpHandler(eng, logging, localMethod, localRoute, localFct, enableCors, version.Version(dockerVersion))
|
f := makeHttpHandler(eng, logging, localMethod, localRoute, localFct, corsHeaders, version.Version(dockerVersion))
|
||||||
|
|
||||||
// add the new route
|
// add the new route
|
||||||
if localRoute == "" {
|
if localRoute == "" {
|
||||||
|
@ -1392,7 +1400,7 @@ func createRouter(eng *engine.Engine, logging, enableCors bool, dockerVersion st
|
||||||
// FIXME: refactor this to be part of Server and not require re-creating a new
|
// FIXME: refactor this to be part of Server and not require re-creating a new
|
||||||
// router each time. This requires first moving ListenAndServe into Server.
|
// router each time. This requires first moving ListenAndServe into Server.
|
||||||
func ServeRequest(eng *engine.Engine, apiversion version.Version, w http.ResponseWriter, req *http.Request) {
|
func ServeRequest(eng *engine.Engine, apiversion version.Version, w http.ResponseWriter, req *http.Request) {
|
||||||
router := createRouter(eng, false, true, "")
|
router := createRouter(eng, false, true, "", "")
|
||||||
// Insert APIVERSION into the request as a convenience
|
// Insert APIVERSION into the request as a convenience
|
||||||
req.URL.Path = fmt.Sprintf("/v%s%s", apiversion, req.URL.Path)
|
req.URL.Path = fmt.Sprintf("/v%s%s", apiversion, req.URL.Path)
|
||||||
router.ServeHTTP(w, req)
|
router.ServeHTTP(w, req)
|
||||||
|
@ -1401,7 +1409,7 @@ func ServeRequest(eng *engine.Engine, apiversion version.Version, w http.Respons
|
||||||
// serveFd creates an http.Server and sets it up to serve given a socket activated
|
// serveFd creates an http.Server and sets it up to serve given a socket activated
|
||||||
// argument.
|
// argument.
|
||||||
func serveFd(addr string, job *engine.Job) error {
|
func serveFd(addr string, job *engine.Job) error {
|
||||||
r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("Version"))
|
r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("CorsHeaders"), job.Getenv("Version"))
|
||||||
|
|
||||||
ls, e := systemd.ListenFD(addr)
|
ls, e := systemd.ListenFD(addr)
|
||||||
if e != nil {
|
if e != nil {
|
||||||
|
@ -1543,7 +1551,7 @@ func setupTcpHttp(addr string, job *engine.Job) (*HttpServer, error) {
|
||||||
log.Infof("/!\\ DON'T BIND ON ANY IP ADDRESS WITHOUT setting -tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\")
|
log.Infof("/!\\ DON'T BIND ON ANY IP ADDRESS WITHOUT setting -tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\")
|
||||||
}
|
}
|
||||||
|
|
||||||
r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("Version"))
|
r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("CorsHeaders"), job.Getenv("Version"))
|
||||||
|
|
||||||
l, err := newListener("tcp", addr, job.GetenvBool("BufferRequests"))
|
l, err := newListener("tcp", addr, job.GetenvBool("BufferRequests"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -27,7 +27,7 @@ func NewServer(proto, addr string, job *engine.Job) (Server, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func setupUnixHttp(addr string, job *engine.Job) (*HttpServer, error) {
|
func setupUnixHttp(addr string, job *engine.Job) (*HttpServer, error) {
|
||||||
r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("Version"))
|
r := createRouter(job.Eng, job.GetenvBool("Logging"), job.GetenvBool("EnableCors"), job.Getenv("CorsHeaders"), job.Getenv("Version"))
|
||||||
|
|
||||||
if err := syscall.Unlink(addr); err != nil && !os.IsNotExist(err) {
|
if err := syscall.Unlink(addr); err != nil && !os.IsNotExist(err) {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
|
@ -39,6 +39,7 @@ type Config struct {
|
||||||
Mtu int
|
Mtu int
|
||||||
SocketGroup string
|
SocketGroup string
|
||||||
EnableCors bool
|
EnableCors bool
|
||||||
|
CorsHeaders string
|
||||||
DisableNetwork bool
|
DisableNetwork bool
|
||||||
EnableSelinuxSupport bool
|
EnableSelinuxSupport bool
|
||||||
Context map[string][]string
|
Context map[string][]string
|
||||||
|
@ -68,7 +69,8 @@ func (config *Config) InstallFlags() {
|
||||||
flag.BoolVar(&config.EnableSelinuxSupport, []string{"-selinux-enabled"}, false, "Enable selinux support")
|
flag.BoolVar(&config.EnableSelinuxSupport, []string{"-selinux-enabled"}, false, "Enable selinux support")
|
||||||
flag.IntVar(&config.Mtu, []string{"#mtu", "-mtu"}, 0, "Set the containers network MTU")
|
flag.IntVar(&config.Mtu, []string{"#mtu", "-mtu"}, 0, "Set the containers network MTU")
|
||||||
flag.StringVar(&config.SocketGroup, []string{"G", "-group"}, "docker", "Group for the unix socket")
|
flag.StringVar(&config.SocketGroup, []string{"G", "-group"}, "docker", "Group for the unix socket")
|
||||||
flag.BoolVar(&config.EnableCors, []string{"#api-enable-cors", "-api-enable-cors"}, false, "Enable CORS headers in the remote API")
|
flag.BoolVar(&config.EnableCors, []string{"#api-enable-cors", "#-api-enable-cors"}, false, "Enable CORS headers in the remote API")
|
||||||
|
flag.StringVar(&config.CorsHeaders, []string{"-api-cors-header"}, "", "Set CORS headers in the remote API")
|
||||||
opts.IPVar(&config.DefaultIp, []string{"#ip", "-ip"}, "0.0.0.0", "Default IP when binding container ports")
|
opts.IPVar(&config.DefaultIp, []string{"#ip", "-ip"}, "0.0.0.0", "Default IP when binding container ports")
|
||||||
opts.ListVar(&config.GraphOptions, []string{"-storage-opt"}, "Set storage driver options")
|
opts.ListVar(&config.GraphOptions, []string{"-storage-opt"}, "Set storage driver options")
|
||||||
// FIXME: why the inconsistency between "hosts" and "sockets"?
|
// FIXME: why the inconsistency between "hosts" and "sockets"?
|
||||||
|
|
|
@ -131,6 +131,7 @@ func mainDaemon() {
|
||||||
job := eng.Job("serveapi", flHosts...)
|
job := eng.Job("serveapi", flHosts...)
|
||||||
job.SetenvBool("Logging", true)
|
job.SetenvBool("Logging", true)
|
||||||
job.SetenvBool("EnableCors", daemonCfg.EnableCors)
|
job.SetenvBool("EnableCors", daemonCfg.EnableCors)
|
||||||
|
job.Setenv("CorsHeaders", daemonCfg.CorsHeaders)
|
||||||
job.Setenv("Version", dockerversion.VERSION)
|
job.Setenv("Version", dockerversion.VERSION)
|
||||||
job.Setenv("SocketGroup", daemonCfg.SocketGroup)
|
job.Setenv("SocketGroup", daemonCfg.SocketGroup)
|
||||||
|
|
||||||
|
|
|
@ -37,6 +37,9 @@ unix://[/path/to/socket] to use.
|
||||||
**--api-enable-cors**=*true*|*false*
|
**--api-enable-cors**=*true*|*false*
|
||||||
Enable CORS headers in the remote API. Default is false.
|
Enable CORS headers in the remote API. Default is false.
|
||||||
|
|
||||||
|
**--api-cors-header**=""
|
||||||
|
Set CORS headers in the remote API. Default is cors disabled. Give urls like "http://foo, http://bar, ...". Give "*" to allow all.
|
||||||
|
|
||||||
**-b**=""
|
**-b**=""
|
||||||
Attach containers to a pre\-existing network bridge; use 'none' to disable container networking
|
Attach containers to a pre\-existing network bridge; use 'none' to disable container networking
|
||||||
|
|
||||||
|
|
|
@ -1968,7 +1968,7 @@ This might change in the future.
|
||||||
|
|
||||||
## 3.3 CORS Requests
|
## 3.3 CORS Requests
|
||||||
|
|
||||||
To enable cross origin requests to the remote api add the flag
|
To set cross origin requests to the remote api, please add flag "--api-enable-cors"
|
||||||
"--api-enable-cors" when running docker in daemon mode.
|
when running docker in daemon mode.
|
||||||
|
|
||||||
$ docker -d -H="192.168.1.9:2375" --api-enable-cors
|
$ docker -d -H="192.168.1.9:2375" --api-cors-header="http://foo.bar"
|
||||||
|
|
|
@ -75,6 +75,7 @@ expect an integer, and they can only be specified once.
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
--api-enable-cors=false Enable CORS headers in the remote API
|
--api-enable-cors=false Enable CORS headers in the remote API
|
||||||
|
--api-cors-header="" Set CORS headers in the remote API
|
||||||
-b, --bridge="" Attach containers to a network bridge
|
-b, --bridge="" Attach containers to a network bridge
|
||||||
--bip="" Specify network bridge IP
|
--bip="" Specify network bridge IP
|
||||||
-D, --debug=false Enable debug mode
|
-D, --debug=false Enable debug mode
|
||||||
|
|
Загрузка…
Ссылка в новой задаче