Skip to content

Commit

Permalink
Merge pull request #30 from Manta-Network/cors-release-check
Browse files Browse the repository at this point in the history
feat: add unsafe CORS disable feature for dev
  • Loading branch information
stechu authored Dec 20, 2021
2 parents 6df2c6e + 2c75be7 commit bd3626f
Show file tree
Hide file tree
Showing 6 changed files with 142 additions and 83 deletions.
8 changes: 6 additions & 2 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,14 @@ is-it-maintained-issue-resolution = { repository = "Manta-Network/manta-signer"
is-it-maintained-open-issues = { repository = "Manta-Network/manta-signer" }
maintenance = { status = "actively-developed" }

[features]
# Disable CORS Check
unsafe-disable-cors = []

[dependencies]
ark-serialize = { version = "0.3.0", default-features = false }
async-std = { version = "1.10.0" }
bip0039 = { version = "0.9.0" }
bip0039 = { version = "0.10.0" }
bip32 = { version = "0.2.2" }
bs58 = { version = "0.4.0" }
cocoon = { version = "0.3.0" }
Expand All @@ -43,7 +47,7 @@ manta-data = { git = "https://github.com/Manta-Network/manta-types", branch = "m
rand = { version = "0.8.4", default-features = false }
rand_chacha = { version = "0.3.1", default-features = false }
secrecy = { version = "0.8.0", default-features = false, features = ["alloc"] }
serde = { version = "1.0.130", default-features = false, features = ["derive"] }
serde = { version = "1.0.131", default-features = false, features = ["derive"] }
serde_json = { version = "1.0.68", default-features = false }
subtle = { version = "2.4.1" }
tide = { version = "0.16.0" }
Expand Down
4 changes: 2 additions & 2 deletions release.sh
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,8 @@ EOF

# curl ...
# mv *.bin ui
# cd ui
# cargo tauri build --bundle dmg deb msi
cd ui
cargo tauri build

echo "release"

13 changes: 6 additions & 7 deletions src/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -57,11 +57,8 @@ pub struct Config {
/// Service URL
pub service_url: String,

/// Dev origin URL
pub dev_origin_url: String,

/// Prod origin URL
pub prod_origin_url: String,
/// Origin URL
pub origin_url: String,
}

impl Config {
Expand All @@ -72,8 +69,10 @@ impl Config {
root_seed_file: file(dirs_next::config_dir(), "root_seed.aes")?,
proving_key_directory: directory(dirs_next::data_local_dir())?,
service_url: String::from("http://127.0.0.1:29987"),
dev_origin_url: String::from("http://localhost:8000"),
prod_origin_url: String::from("https://app.dolphin.manta.network"),
#[cfg(feature = "unsafe-disable-cors")]
origin_url: String::from("*"),
#[cfg(not(feature = "unsafe-disable-cors"))]
origin_url: String::from("https://app.dolphin.manta.network"),
})
}

Expand Down
8 changes: 1 addition & 7 deletions src/service.rs
Original file line number Diff line number Diff line change
Expand Up @@ -312,15 +312,9 @@ where
/// Builds a new [`Service`] from `config` and `authorizer`.
#[inline]
pub fn build(config: Config, authorizer: A) -> Self {
// FIXME: This is not the best strategy for choosing which URL we want.
#[cfg(debug_assertions)]
let url = config.dev_origin_url.as_str();
#[cfg(not(debug_assertions))]
let url = config.prod_origin_url.as_str();

let cors = CorsMiddleware::new()
.allow_methods("GET, POST".parse::<HeaderValue>().unwrap())
.allow_origin(Origin::from(url))
.allow_origin(Origin::from(config.origin_url.as_str()))
.allow_credentials(false);
let mut server = Server::with_state(State::new(config, authorizer));
server.with(cors);
Expand Down
Loading

0 comments on commit bd3626f

Please sign in to comment.