Skip to content

Commit

Permalink
Remove AllowPrivateNetworkAccess since it's not a common knob
Browse files Browse the repository at this point in the history
Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
  • Loading branch information
zhaohuabing committed Oct 22, 2023
1 parent 755b032 commit fa3b523
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 20 deletions.
4 changes: 0 additions & 4 deletions internal/ir/xds.go
Original file line number Diff line number Diff line change
Expand Up @@ -328,10 +328,6 @@ type Cors struct {
ExposeHeaders []string `json:"exposeHeaders,omitempty" yaml:"exposeHeaders,omitempty"`
// MaxAge defines how long the results of a preflight request can be cached.
MaxAge *metav1.Duration `json:"maxAge,omitempty" yaml:"maxAge,omitempty"`
// AllowPrivateNetwork defines whether allow whose target server’s IP address
// is more private than that from which the request initiator was fetched.
// Defaults to false.
AllowPrivateNetworkAccess bool `json:"allowPrivateNetwork,omitempty" yaml:"allowPrivateNetwork,omitempty"`
}

// Validate the fields within the HTTPRoute structure
Expand Down
27 changes: 12 additions & 15 deletions internal/xds/translator/cors.go
Original file line number Diff line number Diff line change
Expand Up @@ -109,13 +109,12 @@ func patchRouteWithCorsConfig(route *routev3.Route, irRoute *ir.HTTPRoute) error
}

Check warning on line 109 in internal/xds/translator/cors.go

View check run for this annotation

Codecov / codecov/patch

internal/xds/translator/cors.go#L106-L109

Added lines #L106 - L109 were not covered by tests

var (
allowOrigins []*matcherv3.StringMatcher
allowMethods string
allowHeaders string
exposeHeaders string
maxAge string
allowCredentials *wrappers.BoolValue
allowPrivateNetworkAccess *wrappers.BoolValue
allowOrigins []*matcherv3.StringMatcher
allowMethods string
allowHeaders string
exposeHeaders string
maxAge string
allowCredentials *wrappers.BoolValue
)

//nolint:gocritic
Expand All @@ -128,16 +127,14 @@ func patchRouteWithCorsConfig(route *routev3.Route, irRoute *ir.HTTPRoute) error
allowHeaders = strings.Join(irRoute.Cors.AllowHeaders, ", ")
exposeHeaders = strings.Join(irRoute.Cors.ExposeHeaders, ", ")
maxAge = strconv.Itoa(int(irRoute.Cors.MaxAge.Seconds()))
allowPrivateNetworkAccess = &wrappers.BoolValue{Value: irRoute.Cors.AllowPrivateNetworkAccess}

routeCfgProto := &corsv3.CorsPolicy{
AllowOriginStringMatch: allowOrigins,
AllowMethods: allowMethods,
AllowHeaders: allowHeaders,
ExposeHeaders: exposeHeaders,
MaxAge: maxAge,
AllowCredentials: allowCredentials,
AllowPrivateNetworkAccess: allowPrivateNetworkAccess,
AllowOriginStringMatch: allowOrigins,
AllowMethods: allowMethods,
AllowHeaders: allowHeaders,
ExposeHeaders: exposeHeaders,
MaxAge: maxAge,
AllowCredentials: allowCredentials,
}

routeCfgAny, err := anypb.New(routeCfgProto)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,5 @@
- safeRegex:
regex: '*.example.com'
- exact: foo.bar.com
allowPrivateNetworkAccess: false
exposeHeaders: x-header-3, x-header-4
maxAge: "1000"

0 comments on commit fa3b523

Please sign in to comment.