Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix S3 CORS allowing all by default #7038

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 28, 2022
Merged

fix S3 CORS allowing all by default #7038

merged 1 commit into from
Oct 28, 2022

Conversation

bentsku
Copy link
Contributor

@bentsku bentsku commented Oct 18, 2022
edited
Loading

After working on CORS for the new S3 provider, we realised that S3 would allow all origins by default if CORS was configured for the bucket. This fix cleans up all CORS headers returned by moto, then checks if CORS is configured for the bucket.
(Before, the headers would be cleaned up only if the bucket had CORS configured).
The new logic is:

  1. After the response is returned from moto, clean up all CORS related headers
  2. If CORS is configured for the bucket, append the specific matched CORS rule headers.
  3. If CORS is not configured, append the default CORS headers of LocalStack (which you can extend with config variables).

We worked on this fix in tandem with @dfangl

This might create some issues with customers accessing S3 from websites. The quickest fix to this issue is to add the needed origins to EXTRA_CORS_ALLOWED_ORIGINS, or to configure CORS for the S3 bucket.

@bentsku bentsku requested a review from dfangl October 18, 2022 14:59
@bentsku bentsku requested a review from thrau as a code owner October 18, 2022 14:59
@bentsku bentsku temporarily deployed to localstack-ext-tests October 18, 2022 14:59 Inactive
@coveralls
Copy link

Coverage Status

Coverage decreased (-0.2%) to 79.223% when pulling fe58356 on fix-s3-cors into c5be6c6 on master.

@github-actions
Copy link

LocalStack integration with Pro

       3 files  ±0         3 suites  ±0   1h 14m 9s ⏱️ + 1m 49s
1 410 tests ±0  1 226 ✔️  - 1  184 💤 +1  0 ±0 
2 008 runs  ±0  1 592 ✔️  - 1  416 💤 +1  0 ±0 

Results for commit fe58356. ± Comparison against base commit c5be6c6.

@thrau thrau removed their request for review October 20, 2022 18:27
dfangl
dfangl approved these changes Oct 25, 2022
View reviewed changes
Copy link
Member

@dfangl dfangl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@bentsku bentsku merged commit 86886d3 into master Oct 28, 2022
@bentsku bentsku deleted the fix-s3-cors branch October 28, 2022 14:39
@bentsku bentsku mentioned this pull request Oct 28, 2022
Merged
@robblovell robblovell mentioned this pull request Jan 18, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dfangl dfangl dfangl approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bentsku @coveralls @dfangl