Skip to content

Commit

Permalink
Adjusting reapply_cors logic to return the first match rather than th…
Browse files Browse the repository at this point in the history
…e specified origin header
  • Loading branch information
alexcottner committed Nov 21, 2024
1 parent 8e9f42d commit 7221222
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions kinto/core/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -262,8 +262,9 @@ def reapply_cors(request, response):
settings = request.registry.settings
allowed_origins = set(aslist(settings["cors_origins"]))
required_origins = {"*", origin}
if allowed_origins.intersection(required_origins):
response.headers["Access-Control-Allow-Origin"] = origin
matches = allowed_origins.intersection(required_origins)
if matches:
response.headers["Access-Control-Allow-Origin"] = matches.pop()

# Import service here because kinto.core import utils
from kinto.core import Service
Expand Down

0 comments on commit 7221222

Please sign in to comment.