-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cleanup tonic-web cors support and replace it with tower-http #1122
Comments
slinkydeveloper
added a commit
to slinkydeveloper/tonic
that referenced
this issue
Oct 25, 2022
…-http `CorsLayer`. Fix hyperium#1122 Signed-off-by: slinkydeveloper <[email protected]>
slinkydeveloper
added a commit
to slinkydeveloper/tonic
that referenced
this issue
Oct 25, 2022
…-http `CorsLayer`. Fix hyperium#1122 Signed-off-by: slinkydeveloper <[email protected]>
slinkydeveloper
added a commit
to slinkydeveloper/tonic
that referenced
this issue
Oct 25, 2022
…-http `CorsLayer`. Fix hyperium#1122 Signed-off-by: slinkydeveloper <[email protected]>
slinkydeveloper
added a commit
to slinkydeveloper/tonic
that referenced
this issue
Oct 25, 2022
…-http `CorsLayer`. Fix hyperium#1122 Signed-off-by: slinkydeveloper <[email protected]>
Ok finally got to reading this and it all makes sense to me! |
slinkydeveloper
added a commit
to slinkydeveloper/tonic
that referenced
this issue
Oct 31, 2022
…-http `CorsLayer`. Fix hyperium#1122 Signed-off-by: slinkydeveloper <[email protected]>
slinkydeveloper
added a commit
to slinkydeveloper/tonic
that referenced
this issue
Oct 31, 2022
…-http `CorsLayer`. Fix hyperium#1122 Signed-off-by: slinkydeveloper <[email protected]>
LucioFranco
pushed a commit
that referenced
this issue
Oct 31, 2022
…#1123) Fix #1122, see the issue for more details. Signed-off-by: slinkydeveloper <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Motivation
The CORS code in tonic-web is not 100% compliant with cors spec and cannot be detached from the rest of the tonic-web protocol implementation. This can be problematic for some use cases where the tonic-web layer is just a part of the server, and some other cors layer is used before (as far as i understand in particular for https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests).
Some other grpc-web implementations where cors is separate from the protocol implementation:
How
As described here: #1119 (comment). the idea is to:
tonic_web::enable
composesCorsLayer
from tonic-http andGrpcWebLayer
introduced by Implement tower::Layer for tonic_web::Config #1119. If a user wants more control over theCorsLayer
, they can just instantiate manuallyGrpcWebLayer
and compose it with whatever configured cors layer they want (not necessarily the one provided by tower-http)Breaking changes
Config
gets removedNotes
tonic/tonic-web/src/service.rs
Line 300 in b409ddd
This because in the preflight request the server just replies back to the browser with its cors configuration, then it's up to the browser to figure out whether it should proceed or not with the actual request.
The text was updated successfully, but these errors were encountered: