Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kwabena Antwi-Boasiako
slapos
Commits
58ccdb3b
Commit
58ccdb3b
authored
Sep 15, 2014
by
Cédric Le Ninivin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
slaprunner: cors allow origin configurable with monitoring interface
parent
47c2fa64
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
99 additions
and
4 deletions
+99
-4
software/slaprunner/common.cfg
software/slaprunner/common.cfg
+11
-2
software/slaprunner/httpd_conf.in
software/slaprunner/httpd_conf.in
+1
-2
software/slaprunner/instance-runner.cfg
software/slaprunner/instance-runner.cfg
+24
-0
software/slaprunner/template/cors-domain.jinja
software/slaprunner/template/cors-domain.jinja
+63
-0
No files found.
software/slaprunner/common.cfg
View file @
58ccdb3b
...
...
@@ -43,7 +43,7 @@ mode = 0644
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner.cfg
output = ${buildout:directory}/template-runner.cfg.in
md5sum =
b5644037da14e79576840975415ee1a4
md5sum =
a1987b36e64cc021cb0cee47eee7dde2
mode = 0644
[template-runner-import-script]
...
...
@@ -103,7 +103,7 @@ mode = 0644
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/httpd_conf.in
download-only = true
md5sum =
ffbf52ee43e64f58e7a3f64745fd9aab
md5sum =
94bc5d6f1afc4e075d530fed496f47c2
filename = httpd_conf.in
mode = 0644
...
...
@@ -160,6 +160,15 @@ filename = listener_slapgrid.py.in
download-only = true
mode = 0644
[cors-domain-cgi]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/${:filename}
download-only = true
md5sum = 4c44d617d5bfd1db8695200e896480c0
destination = ${buildout:parts-directory}/monitor-template-cors-domain-cgi
filename = cors-domain.jinja
mode = 0644
[eggs]
recipe = z3c.recipe.scripts
eggs =
...
...
software/slaprunner/httpd_conf.in
View file @
58ccdb3b
...
...
@@ -46,8 +46,7 @@ SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
SSLEngine On
SetEnvIf Origin "http(s)?://(www\.)?(.*)$" AccessControlAllowOrigin=$0$1
Header always set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Include {{ parameters.httpd_cors_file }}
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST"
Header set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization"
...
...
software/slaprunner/instance-runner.cfg
View file @
58ccdb3b
...
...
@@ -50,6 +50,7 @@ parts =
monitor-instance-log-access
## Monitor for runner
monitor-current-log-access
monitor-deploy-cors-domain-cgi
extends = ${monitor-template:output}
...
...
@@ -328,6 +329,7 @@ project_public_folder = $${runnerdirectory:public-project}
runner_home = $${runnerdirectory:home}
git_http_backend = ${git:location}/libexec/git-core/git-http-backend
cgi_httpd_conf = $${monitor-httpd-configuration-file:rendered}
httpd_cors_file = $${monitor-httpd-cors:location}
[httpd-conf]
recipe = slapos.recipe.template:jinja2
...
...
@@ -696,3 +698,25 @@ port = $${supervisord:port}
[monitor-current-log-access]
< = monitor-directory-access
source = $${directory:log}
[monitor-deploy-cors-domain-cgi]
recipe = slapos.recipe.template:jinja2
template = ${cors-domain-cgi:location}/${cors-domain-cgi:filename}
rendered = $${monitor-directory:knowledge0-cgi}/$${:filename}
filename = cors-domain.cgi
mode = 0744
context =
raw config_cfg $${buildout:directory}/knowledge0.cfg
raw timestamp $${buildout:directory}/.timestamp
raw python_executable ${buildout:executable}
key apache_file httpd-parameters:httpd_cors_file
key pwd monitor-directory:knowledge0-cgi
key this_file :filename
key httpd_graceful cgi-httpd-graceful-wrapper:rendered
[monitor-httpd-cors]
recipe = plone.recipe.command
command = if [ ! -f $${:location} ]; then touch $${:location}; fi
location = $${directory:etc}/$${:filename}
filename = httpd-cors.cfg
stop-on-error = true
software/slaprunner/template/cors-domain.jinja
0 → 100644
View file @
58ccdb3b
#!{{ python_executable }}
import cgi
import cgitb
import ConfigParser
import os
import re
import subprocess
cgitb.enable(display=0, logdir="/tmp/cgi.log")
form = cgi.FieldStorage()
apache_file = "{{ apache_file }}"
config_file = "{{ config_cfg }}"
if not os.path.exists(config_file):
print "Your software does
<b>
not
</b>
embed 0-knowledge. \
This interface is useless in this case
</body></html>
"
exit(0)
parser = ConfigParser.ConfigParser()
parser.read(config_file)
if not parser.has_section("cors"):
parser.add_section("cors")
if not parser.has_option("cors", "cors-domain"):
parser.set("cors", "cors-domain", "")
if "cors-domain" in form:
parser.set("cors", "cors-domain", form["cors-domain"].value)
cors_domain_list = form["cors-domain"].value.split()
cors_string = ""
for domain in cors_domain_list:
if cors_string:
cors_string += '|'
cors_string += re.escape(domain)
with open(apache_file, 'w') as file:
file.write('SetEnvIf Origin "^http(s)?://(.+\.)?(%s)$" origin_is=$0\n' % cors_string)
file.write('Header always set Access-Control-Allow-Origin %{origin_is}e env=origin_is')
subprocess.call('{{ httpd_graceful }}')
cors_domain_parameter = parser.get("cors", "cors-domain")
with open(config_file, 'w') as file:
parser.write(file)
print "
<html><head>
"
print "
<link
rel=
\"stylesheet\"
href=
\"static/pure-min.css\"
>
"
print "
<link
rel=
\"stylesheet\"
href=
\"static/style.css\"
>
"
print "
</head><body>
"
print "
<h1>
Cors Domains :
</h1>
"
print "
<p>
Enter domain names separated by space to authorized CORS on your dav storage for these domains
</p>
"
print "
<form
action=
\"/index.cgi\"
method=
\"post\"
class=
\"pure-form-aligned\"
>
"
print "
<input
type=
\"hidden\"
name=
\"posting-script\"
value=
\"{{
pwd
}}/{{
this_file
}}\"
>
"
print "
<div
class=
\"pure-control-group\"
>
"
print '
<label
for=
"cors-domain"
>
CORS Domains
</label>
'
print '
<input
type=
"text"
name=
"cors-domain"
value=
"%s"
>
' % cors_domain_parameter
print "
</div>
"
print "
<div
class=
\"pure-controls\"
><button
type=
\"submit\"
class=
\"pure-button
\
pure-button-primary
\"
>
Save
</button></div></form>
"
print "
</body></html>
"
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment