mirror of
https://github.com/Unleash/unleash.git
synced 2025-09-19 17:52:45 +02:00
09c87c755f
In this PR we remove the general SettingService cache, as it will not work across multiple horizontal unleash instances, events are not published across. We also fix the CORS origin to: - Access-Control-Allow-Origin set to "*" if no Origin is configured - Access-Control-Allow-Origin set to "*" if any Origin is configured to "*" - - Access-Control-Allow-Origin set to array and have the "cors" middleware to return an exact match on the user provided Origin. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com>
32 lines
1.1 KiB
TypeScript
32 lines
1.1 KiB
TypeScript
import React from 'react';
|
|
import { Alert } from '@mui/material';
|
|
|
|
export const CorsHelpAlert = () => {
|
|
return (
|
|
<Alert severity="info">
|
|
<p>
|
|
Use this page to configure allowed CORS origins for the Frontend
|
|
API (<code>/api/frontend</code>).
|
|
</p>
|
|
<p>
|
|
This configuration will not affect the Admin API (
|
|
<code>/api/admin</code>) nor the Client API (
|
|
<code>/api/client</code>).
|
|
</p>
|
|
<p>
|
|
An asterisk (<code>*</code>) may be used to allow API calls from
|
|
any origin.
|
|
</p>
|
|
<br />
|
|
<p>
|
|
Be aware that changes here will take up to two minutes to be
|
|
updated. In addition, there is a maxAge on the
|
|
Access-Control-Allow-Origin header that will instruct browsers
|
|
to cache this header for some time. The cache period is set to
|
|
the maxium that the browser allows (2h for Chrome, 24h for
|
|
Firefox).
|
|
</p>
|
|
</Alert>
|
|
);
|
|
};
|