Friday, May 10, 2019

Follow up on Cors Issue

So the other day I realized that CORS does not take into consideration Networks; it only limits by connecting domain and as a result networkGroups have to either maintain ALOT of redundacny (and which are bound to have a hole eventually) or they have ZERO SOLUTIONS.

So I started fixing this in the framework.

I now have started to add 'networkGroups' as a configuration setting so depending on whether you have multiple VPNs, networks, etc, you can maintain CORS settings for all and associate endpoints with the networkGroups.

For example, if we define our 'networkGroups' as public & private, we can then associate them in CORS settings like such:

        includeEnvironments: ['development','test','production']
        excludeEnvironments: []
            public: ['http://localhost','http://localhost:8080','','']  
            private: ['http://localhost','http://localhost:8080','']  

This is how our allowedOrigins now looks for two separate networkGroups.

Now comes the COOL Part

Then we can associate the network group with the IOState files so that each set of endpoints has a setting of who networkGrp can access it:

    "NETWORKGRP": "public",
    "VALUES": { ...

This allows us to say 'Person' endpoints are all part of the 'public' networkGrp

No comments:

Post a Comment