Allow CORS for Gerrit FE landingwidget
BUG=b/239224440
Change-Id: I13c66f9fb9d40862c04b515f5d102dc50367ff43
Reviewed-on: https://cos-review.googlesource.com/c/cos/tools/+/35809
Reviewed-by: Anil Altinay <aaltinay@google.com>
Cloud-Build: GCB Service account <228075978874@cloudbuild.gserviceaccount.com>
Tested-by: Arnav Kansal <rnv@google.com>
diff --git a/src/cmd/changelog-webapp/app.yaml b/src/cmd/changelog-webapp/app.yaml
index 672dd64..818ff25 100644
--- a/src/cmd/changelog-webapp/app.yaml
+++ b/src/cmd/changelog-webapp/app.yaml
@@ -34,8 +34,3 @@
COS_FINDBUILD_TABLE_NAME: "cos-findbuild-table-name"
COS_FINDBUILD_PASSWORD_NAME: "cos-findbuild-password-name"
COS_FINDBUILD_INSTANCE_NAME: "cos-findbuild-instance-name"
-
-handlers:
-- url: /findreleasedbuild
- http_headers:
- Access-Control-Allow-Origin: https://cos-review.googlesource.com
diff --git a/src/cmd/changelog-webapp/controllers/pageHandlers.go b/src/cmd/changelog-webapp/controllers/pageHandlers.go
index 4b7643a..b38181e 100644
--- a/src/cmd/changelog-webapp/controllers/pageHandlers.go
+++ b/src/cmd/changelog-webapp/controllers/pageHandlers.go
@@ -549,6 +549,11 @@
// HandleFindReleasedBuildGerrit returns the released build number in JSON
func HandleFindReleasedBuildGerrit(w http.ResponseWriter, r *http.Request) {
+ w.Header().Set("Content-Type", "application/json")
+ if origin, ok := allowedOrigin(r.Header.Get("Origin")); ok {
+ w.Header().Set("Access-Control-Allow-Origin", origin)
+ w.Header().Set("Access-Control-Allow-Credentials", "true")
+ }
var err error
if err = r.ParseForm(); err != nil {
log.Errorf("error parsing form: %v", err)
@@ -571,5 +576,12 @@
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
- json.NewEncoder(w).Encode(map[string]string{"versions": buildData.BuildNum})
+ json.NewEncoder(w).Encode(map[string][]string{"versions": {buildData.BuildNum}})
+}
+
+func allowedOrigin(origin string) (string, bool) {
+ if origin == "https://cos-review.googlesource.com" || origin == "https://cos-internal-review.googlesource.com" {
+ return origin, true
+ }
+ return "", false
}
diff --git a/src/cmd/changelog-webapp/main.go b/src/cmd/changelog-webapp/main.go
index 4805973..9e32270 100644
--- a/src/cmd/changelog-webapp/main.go
+++ b/src/cmd/changelog-webapp/main.go
@@ -42,7 +42,7 @@
http.HandleFunc("/changelog/", controllers.HandleChangelog)
http.HandleFunc("/findbuild/", controllers.HandleFindBuild)
http.HandleFunc("/findreleasedbuildv2/", controllers.HandleFindReleasedBuild)
- http.HandleFunc("/findreleasedbuild/", controllers.HandleFindReleasedBuildGerrit)
+ http.HandleFunc("/findreleasedbuild", controllers.HandleFindReleasedBuildGerrit)
http.HandleFunc("/login/", controllers.HandleLogin)
http.HandleFunc("/oauth2callback/", controllers.HandleCallback)
http.HandleFunc("/signout/", controllers.HandleSignOut)