mirror of
https://github.com/Skyvern-AI/skyvern.git
synced 2026-07-09 16:09:13 +00:00
Fix staging preview CORS allowlist (SKY-12074) (#7212)
This commit is contained in:
parent
265679e9dd
commit
ac01aca99c
4 changed files with 20 additions and 2 deletions
|
|
@ -212,6 +212,7 @@ class Settings(BaseSettings):
|
|||
ENABLE_CODE_BLOCK_SELF_HEALING: bool = False
|
||||
PORT: int = 8000
|
||||
ALLOWED_ORIGINS: list[str] = ["*"]
|
||||
ALLOWED_ORIGIN_REGEX: str | None = None
|
||||
BLOCKED_HOSTS: list[str] = ["localhost"]
|
||||
ALLOWED_HOSTS: list[str] = []
|
||||
|
||||
|
|
|
|||
|
|
@ -25,3 +25,11 @@ def credentialed_cors_allow_origins(allowed_origins: Sequence[str]) -> list[str]
|
|||
)
|
||||
|
||||
return credentialed_origins
|
||||
|
||||
|
||||
def credentialed_cors_allow_origin_regex(allowed_origin_regex: str | None) -> str | None:
|
||||
if allowed_origin_regex is None:
|
||||
return None
|
||||
|
||||
stripped_origin_regex = allowed_origin_regex.strip()
|
||||
return stripped_origin_regex or None
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ from starlette_context.middleware import RawContextMiddleware
|
|||
from starlette_context.plugins.base import Plugin
|
||||
|
||||
from skyvern.config import _ensure_sqlite_dir, settings
|
||||
from skyvern.cors import credentialed_cors_allow_origins
|
||||
from skyvern.cors import credentialed_cors_allow_origin_regex, credentialed_cors_allow_origins
|
||||
from skyvern.exceptions import SkyvernHTTPException
|
||||
from skyvern.forge import app as forge_app
|
||||
from skyvern.forge.forge_app_initializer import start_forge_app
|
||||
|
|
@ -64,6 +64,7 @@ def add_credentialed_cors_middleware(fastapi_app: FastAPI) -> None:
|
|||
allow_credentials=True,
|
||||
allow_methods=["*"],
|
||||
allow_headers=["*"],
|
||||
allow_origin_regex=credentialed_cors_allow_origin_regex(settings.ALLOWED_ORIGIN_REGEX),
|
||||
)
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
from skyvern.cors import credentialed_cors_allow_origins
|
||||
from skyvern.cors import credentialed_cors_allow_origin_regex, credentialed_cors_allow_origins
|
||||
|
||||
|
||||
def test_credentialed_cors_allow_origins_drops_wildcards() -> None:
|
||||
|
|
@ -10,3 +10,11 @@ def test_credentialed_cors_allow_origins_drops_wildcards() -> None:
|
|||
"",
|
||||
]
|
||||
) == ["https://app.example.test"]
|
||||
|
||||
|
||||
def test_credentialed_cors_allow_origin_regex_normalizes_blank_values() -> None:
|
||||
assert credentialed_cors_allow_origin_regex(None) is None
|
||||
assert credentialed_cors_allow_origin_regex(" ") is None
|
||||
assert credentialed_cors_allow_origin_regex(r" \Ahttps://app\.example\.test\Z ") == (
|
||||
r"\Ahttps://app\.example\.test\Z"
|
||||
)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue