Make exposed CORS headers configurable (#1322)

* Prevent losing headers (like CORS related ones) when resetting the response headers due to artifact stream.

* add comment

* Extend CORS tests to verify provided header.
This commit is contained in:
Michael Herdt
2023-02-23 14:16:42 +01:00
committed by GitHub
parent 06dca2d5d2
commit 06fc4fb6d2
5 changed files with 55 additions and 18 deletions

View File

@@ -130,6 +130,11 @@ public class HawkbitSecurityProperties {
*/
private List<String> allowedMethods = Arrays.asList("DELETE", "GET", "POST", "PATCH", "PUT");
/**
* Exposed headers for CORS.
*/
private List<String> exposedHeaders = Collections.emptyList();
public boolean isEnabled() {
return enabled;
}
@@ -161,6 +166,14 @@ public class HawkbitSecurityProperties {
public void setAllowedMethods(final List<String> allowedMethods) {
this.allowedMethods = allowedMethods;
}
public List<String> getExposedHeaders() {
return exposedHeaders;
}
public void setExposedHeaders(final List<String> exposedHeaders) {
this.exposedHeaders = exposedHeaders;
}
}
/**
@@ -448,6 +461,10 @@ public class HawkbitSecurityProperties {
return maxDistributionSetTypesPerTargetType;
}
public void setMaxDistributionSetTypesPerTargetType(final int maxDistributionSetTypesPerTargetType) {
this.maxDistributionSetTypesPerTargetType = maxDistributionSetTypesPerTargetType;
}
/**
* Configuration for hawkBits DOS prevention filter. This is usually an
* infrastructure topic (e.g. Web Application Firewall (WAF)) but might