diff options
| author | Alexey Efimov <xeno@prnwatch.com> | 2022-02-22 13:34:54 +0300 |
|---|---|---|
| committer | Alexey Efimov <xeno@prnwatch.com> | 2022-02-22 13:34:54 +0300 |
| commit | 2ca017227cbb6bcefb711bacdd33bed5b831282c (patch) | |
| tree | a5507933438177e6d3d95849cd75ed04080583ba | |
| parent | 373ccab9dcf81e8b7739c3e57bca4fbaf0faf343 (diff) | |
| download | ydb-2ca017227cbb6bcefb711bacdd33bed5b831282c.tar.gz | |
change CORS handling KIKIMR-14403
ref:157d9ee8eedfc00b0c50ddd06b653c9f9726fd74
29 files changed, 100 insertions, 58 deletions
diff --git a/ydb/core/mind/hive/monitoring.cpp b/ydb/core/mind/hive/monitoring.cpp index ecd6a4c2c3..7e9a83b354 100644 --- a/ydb/core/mind/hive/monitoring.cpp +++ b/ydb/core/mind/hive/monitoring.cpp @@ -1495,8 +1495,7 @@ public: if (down && $(element).hasClass('glyphicon-ok')) { $(element).removeClass('glyphicon-ok'); element.inProgress = true; - $.ajax({url:'app?TabletID=' + hiveId + '&node=' + nodeId + '&page=SetDown& - =1', success: function(){ $(element).addClass('glyphicon-remove'); element.inProgress = false; }}); + $.ajax({url:'app?TabletID=' + hiveId + '&node=' + nodeId + '&page=SetDown&down=1', success: function(){ $(element).addClass('glyphicon-remove'); element.inProgress = false; }}); } else if (!down && $(element).hasClass('glyphicon-remove')) { $(element).removeClass('glyphicon-remove'); element.inProgress = true; diff --git a/ydb/core/mon/mon.cpp b/ydb/core/mon/mon.cpp index d4722266f3..8b1ea22303 100644 --- a/ydb/core/mon/mon.cpp +++ b/ydb/core/mon/mon.cpp @@ -151,11 +151,19 @@ namespace NActors { if (type.empty()) { type = "application/json"; } - Result.SetValue(MakeHolder<NMon::TEvHttpInfoRes>( - "HTTP/1.1 204 No Content\r\n" - "Allow: OPTIONS, GET, POST\r\n" - "Content-Type: " + type + "\r\n" - "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + TString origin = TString(Request.GetHeader("Origin")); + if (origin.empty()) { + origin = "*"; + } + TStringBuilder response; + response << "HTTP/1.1 204 No Content\r\n" + "Access-Control-Allow-Origin: " << origin << "\r\n" + "Access-Control-Allow-Credentials: true\r\n" + "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept\r\n" + "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n" + "Content-Type: " + type + "\r\n" + "Connection: Keep-Alive\r\n\r\n"; + Result.SetValue(MakeHolder<NMon::TEvHttpInfoRes>(response, 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } @@ -167,7 +175,15 @@ namespace NActors { body << "<p>" << error << "</p>"; } body << "</body></html>"; + TString origin = TString(Request.GetHeader("Origin")); + if (origin.empty()) { + origin = "*"; + } response << "HTTP/1.1 401 Unauthorized\r\n"; + response << "Access-Control-Allow-Origin: " << origin << "\r\n"; + response << "Access-Control-Allow-Credentials: true\r\n"; + response << "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept\r\n"; + response << "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n"; response << "Content-Type: text/html\r\n"; response << "Content-Length: " << body.Size() << "\r\n"; response << "\r\n"; diff --git a/ydb/core/viewer/json_browse.h b/ydb/core/viewer/json_browse.h index cba672826e..53f95f1034 100644 --- a/ydb/core/viewer/json_browse.h +++ b/ydb/core/viewer/json_browse.h @@ -189,7 +189,7 @@ public: } TProtoToJson::ProtoToJson(json, browseInfo, JsonSettings); } - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/json_bscontrollerinfo.h b/ydb/core/viewer/json_bscontrollerinfo.h index 5df47ed553..1daafd2368 100644 --- a/ydb/core/viewer/json_bscontrollerinfo.h +++ b/ydb/core/viewer/json_bscontrollerinfo.h @@ -62,7 +62,7 @@ public: } else { json << "null"; } - Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_cluster.h b/ydb/core/viewer/json_cluster.h index 36b5362a45..80f2f4897a 100644 --- a/ydb/core/viewer/json_cluster.h +++ b/ydb/core/viewer/json_cluster.h @@ -391,7 +391,7 @@ public: pbCluster.SetName(itMax->first); } TProtoToJson::ProtoToJson(json, pbCluster, JsonSettings); - ctx.Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/json_compute.h b/ydb/core/viewer/json_compute.h index 980b8bfc1e..d9d32b571d 100644 --- a/ydb/core/viewer/json_compute.h +++ b/ydb/core/viewer/json_compute.h @@ -348,7 +348,7 @@ public: Result.SetOverall(NKikimrViewer::EFlag::Green); TStringStream json; TProtoToJson::ProtoToJson(json, Result, JsonSettings); - Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_config.h b/ydb/core/viewer/json_config.h index 7e501d5afb..d9c3348a59 100644 --- a/ydb/core/viewer/json_config.h +++ b/ydb/core/viewer/json_config.h @@ -35,7 +35,7 @@ public: config.MutableNameserviceConfig()->ClearAcceptUUID(); config.ClearAuthConfig(); TProtoToJson::ProtoToJson(json, config); - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } }; diff --git a/ydb/core/viewer/json_counters.h b/ydb/core/viewer/json_counters.h index cac1e0885c..c56719c77d 100644 --- a/ydb/core/viewer/json_counters.h +++ b/ydb/core/viewer/json_counters.h @@ -17,7 +17,7 @@ class TJsonCounters : public TActorBootstrapped<TJsonCounters> { using TThis = TJsonCounters; using TBase = TActorBootstrapped<TJsonCounters>; IViewer* Viewer; - TActorId Initiator; + NMon::TEvHttpInfo::TPtr Event; ui32 Requested; ui32 Received; THolder<TEvInterconnect::TEvNodesInfo> NodesInfo; @@ -33,7 +33,7 @@ public: TJsonCounters(IViewer* viewer, NMon::TEvHttpInfo::TPtr& ev) : Viewer(viewer) - , Initiator(ev->Sender) + , Event(ev) , Requested(0) , Received(0) {} @@ -421,12 +421,12 @@ public: json << ']'; json << '}'; - ctx.Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } void Timeout(const TActorContext& ctx) { - ctx.Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPGATEWAYTIMEOUT(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPGATEWAYTIMEOUT(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } }; diff --git a/ydb/core/viewer/json_describe.h b/ydb/core/viewer/json_describe.h index 05ef441f8f..d095783b73 100644 --- a/ydb/core/viewer/json_describe.h +++ b/ydb/core/viewer/json_describe.h @@ -87,7 +87,7 @@ public: void ReplyAndPassAway() { TStringStream json; - TString headers = Viewer->GetHTTPOKJSON(); + TString headers = Viewer->GetHTTPOKJSON(Event->Get()); if (DescribeResult != nullptr) { TProtoToJson::ProtoToJson(json, DescribeResult->GetRecord(), JsonSettings); switch (DescribeResult->GetRecord().GetStatus()) { diff --git a/ydb/core/viewer/json_healthcheck.h b/ydb/core/viewer/json_healthcheck.h index 2419c5b8b1..2f0e5efa73 100644 --- a/ydb/core/viewer/json_healthcheck.h +++ b/ydb/core/viewer/json_healthcheck.h @@ -67,7 +67,7 @@ public: void Handle(NHealthCheck::TEvSelfCheckResult::TPtr& ev) { TStringStream json; TProtoToJson::ProtoToJson(json, ev->Get()->Result, JsonSettings); - Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_hiveinfo.h b/ydb/core/viewer/json_hiveinfo.h index f4d04ddfaf..0fa58d281d 100644 --- a/ydb/core/viewer/json_hiveinfo.h +++ b/ydb/core/viewer/json_hiveinfo.h @@ -91,7 +91,7 @@ public: } else { json << "null"; } - Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_hivestats.h b/ydb/core/viewer/json_hivestats.h index 7f24693d63..4c2e623006 100644 --- a/ydb/core/viewer/json_hivestats.h +++ b/ydb/core/viewer/json_hivestats.h @@ -69,7 +69,7 @@ public: } else { json << "null"; } - Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_hotkeys.h b/ydb/core/viewer/json_hotkeys.h index 290e385a9b..714a9aa17c 100644 --- a/ydb/core/viewer/json_hotkeys.h +++ b/ydb/core/viewer/json_hotkeys.h @@ -137,7 +137,7 @@ public: } void ReplyAndPassAway() { - TString headers = Viewer->GetHTTPOKJSON(); + TString headers = Viewer->GetHTTPOKJSON(Event->Get()); if (DescribeResult != nullptr) { switch (DescribeResult->GetRecord().GetStatus()) { case NKikimrScheme::StatusAccessDenied: diff --git a/ydb/core/viewer/json_labeledcounters.h b/ydb/core/viewer/json_labeledcounters.h index 6fce18b32b..00fbc7467f 100644 --- a/ydb/core/viewer/json_labeledcounters.h +++ b/ydb/core/viewer/json_labeledcounters.h @@ -137,7 +137,7 @@ public: void ReplyAndDie(const TActorContext &ctx) { TStringStream json; TProtoToJson::ProtoToJson(json, LabeledCountersResult, JsonSettings); - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/json_metainfo.h b/ydb/core/viewer/json_metainfo.h index 54064d7403..f507909e24 100644 --- a/ydb/core/viewer/json_metainfo.h +++ b/ydb/core/viewer/json_metainfo.h @@ -109,7 +109,7 @@ public: void ReplyAndDie(const TActorContext &ctx) { TStringStream json; TProtoToJson::ProtoToJson(json, MetaInfo, JsonSettings); - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/json_netinfo.h b/ydb/core/viewer/json_netinfo.h index 3d7c3835a0..8d4ab1ddee 100644 --- a/ydb/core/viewer/json_netinfo.h +++ b/ydb/core/viewer/json_netinfo.h @@ -290,7 +290,7 @@ public: result.SetOverall(NKikimrViewer::EFlag::Green); TStringStream json; TProtoToJson::ProtoToJson(json, result, JsonSettings); - Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_nodelist.h b/ydb/core/viewer/json_nodelist.h index 504ed152d8..7512294151 100644 --- a/ydb/core/viewer/json_nodelist.h +++ b/ydb/core/viewer/json_nodelist.h @@ -74,7 +74,7 @@ public: } } } - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + NJson::WriteJson(json, false), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + NJson::WriteJson(json, false), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/json_nodes.h b/ydb/core/viewer/json_nodes.h index bfc0bae0e2..4c4ded0b96 100644 --- a/ydb/core/viewer/json_nodes.h +++ b/ydb/core/viewer/json_nodes.h @@ -321,7 +321,7 @@ public: TStringStream json; TProtoToJson::ProtoToJson(json, nodesInfo, JsonSettings); - Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_pqconsumerinfo.h b/ydb/core/viewer/json_pqconsumerinfo.h index b98dfc2632..722fbce8d4 100644 --- a/ydb/core/viewer/json_pqconsumerinfo.h +++ b/ydb/core/viewer/json_pqconsumerinfo.h @@ -95,7 +95,7 @@ public: void ReplyAndDie(const TActorContext &ctx) { TStringStream json; TProtoToJson::ProtoToJson(json, Result.GetMetaResponse(), JsonSettings); - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/json_query.h b/ydb/core/viewer/json_query.h index 600d8088e1..4926a8c6c1 100644 --- a/ydb/core/viewer/json_query.h +++ b/ydb/core/viewer/json_query.h @@ -207,7 +207,7 @@ private: NKikimrKqp::TEvQueryResponse& record = ev->Get()->Record.GetRef(); if (record.GetYdbStatus() == Ydb::StatusIds::SUCCESS) { const auto& response = record.GetResponse(); - out << Viewer->GetHTTPOKJSON(); + out << Viewer->GetHTTPOKJSON(Event->Get()); if (!Stats.empty()) { out << "{\"result\":"; } diff --git a/ydb/core/viewer/json_storage.h b/ydb/core/viewer/json_storage.h index 76e5d2f5e8..fa9380776e 100644 --- a/ydb/core/viewer/json_storage.h +++ b/ydb/core/viewer/json_storage.h @@ -555,7 +555,7 @@ public: }; } TProtoToJson::ProtoToJson(json, StorageInfo, JsonSettings); - Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_tabletcounters.h b/ydb/core/viewer/json_tabletcounters.h index 7f39910441..19202d95d1 100644 --- a/ydb/core/viewer/json_tabletcounters.h +++ b/ydb/core/viewer/json_tabletcounters.h @@ -157,7 +157,7 @@ public: } else { json << "null"; } - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/json_tenantinfo.h b/ydb/core/viewer/json_tenantinfo.h index 749422ba39..9a27f8e968 100644 --- a/ydb/core/viewer/json_tenantinfo.h +++ b/ydb/core/viewer/json_tenantinfo.h @@ -499,7 +499,7 @@ public: } TStringStream json; TProtoToJson::ProtoToJson(json, Result, JsonSettings); - Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_tenants.h b/ydb/core/viewer/json_tenants.h index 762d5e3b43..098d15813c 100644 --- a/ydb/core/viewer/json_tenants.h +++ b/ydb/core/viewer/json_tenants.h @@ -90,7 +90,7 @@ public: void ReplyAndPassAway() { TStringStream json; TProtoToJson::ProtoToJson(json, Result, JsonSettings); - Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); PassAway(); } diff --git a/ydb/core/viewer/json_topicinfo.h b/ydb/core/viewer/json_topicinfo.h index cbf42ee727..78df6b4b1f 100644 --- a/ydb/core/viewer/json_topicinfo.h +++ b/ydb/core/viewer/json_topicinfo.h @@ -82,7 +82,7 @@ public: void ReplyAndDie(const TActorContext &ctx) { TStringStream json; TProtoToJson::ProtoToJson(json, TopicInfoResult, JsonSettings); - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/json_wb_req.h b/ydb/core/viewer/json_wb_req.h index f04c85688f..60070961be 100644 --- a/ydb/core/viewer/json_wb_req.h +++ b/ydb/core/viewer/json_wb_req.h @@ -354,7 +354,7 @@ public: } json << '}'; } - TBase::Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + TBase::Send(Initiator, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); } catch (const std::exception& e) { TBase::Send(Initiator, new NMon::TEvHttpInfoRes(TString("HTTP/1.1 400 Bad Request\r\n\r\n") + e.what(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); } diff --git a/ydb/core/viewer/json_whoami.h b/ydb/core/viewer/json_whoami.h index b490a6930f..fea374b41d 100644 --- a/ydb/core/viewer/json_whoami.h +++ b/ydb/core/viewer/json_whoami.h @@ -39,7 +39,7 @@ public: Y_PROTOBUF_SUPPRESS_NODISCARD userToken.ParseFromString(Event->Get()->UserToken); TStringStream json; TProtoToJson::ProtoToJson(json, userToken, JsonSettings); - ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON() + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom)); Die(ctx); } diff --git a/ydb/core/viewer/viewer.cpp b/ydb/core/viewer/viewer.cpp index f1124115bf..c1d16c97b8 100644 --- a/ydb/core/viewer/viewer.cpp +++ b/ydb/core/viewer/viewer.cpp @@ -172,6 +172,8 @@ public: auto whiteboardServiceId = NNodeWhiteboard::MakeNodeWhiteboardServiceId(ctx.SelfID.NodeId()); ctx.Send(whiteboardServiceId, new NNodeWhiteboard::TEvWhiteboard::TEvSystemStateAddEndpoint("http-mon", Sprintf(":%d", mon->GetListenPort()))); + AllowOrigin = KikimrRunConfig.AppConfig.GetMonitoringConfig().GetAllowOrigin(); + TWhiteboardInfo<TEvWhiteboard::TEvNodeStateResponse>::InitMerger(); TWhiteboardInfo<TEvWhiteboard::TEvBSGroupStateResponse>::InitMerger(); @@ -213,6 +215,9 @@ public: return KikimrRunConfig; } + TString GetHTTPOKJSON(const NMon::TEvHttpInfo* request) override; + TString GetHTTPGATEWAYTIMEOUT() override; + void RegisterVirtualHandler( NKikimrViewer::EObjectType parentObjectType, TVirtualHandlerType handler) override { @@ -246,6 +251,7 @@ private: const TKikimrRunConfig KikimrRunConfig; std::unordered_multimap<NKikimrViewer::EObjectType, TVirtualHandler> VirtualHandlersByParentType; std::unordered_map<NKikimrViewer::EObjectType, TContentHandler> ContentHandlers; + TString AllowOrigin; STFUNC(StateWork) { switch (ev->GetTypeRewrite()) { @@ -382,23 +388,35 @@ private: if (type.empty()) { type = "application/json"; } - TString allowOrigin = KikimrRunConfig.AppConfig.GetMonitoringConfig().GetAllowOrigin(); - if (allowOrigin) { + if (AllowOrigin) { ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes( - "HTTP/1.1 204 No Content\r\n" - "Access-Control-Allow-Origin: " + allowOrigin + "\r\n" - "Access-Control-Allow-Credentials: true\r\n" - "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept\r\n" - "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n" - "Allow: OPTIONS, GET, POST\r\n" - "Content-Type: " + type + "\r\n" - "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + "HTTP/1.1 204 No Content\r\n" + "Access-Control-Allow-Origin: " + AllowOrigin + "\r\n" + "Access-Control-Allow-Credentials: true\r\n" + "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept\r\n" + "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n" + "Allow: OPTIONS, GET, POST\r\n" + "Content-Type: " + type + "\r\n" + "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom)); } else { - ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes( - "HTTP/1.1 204 No Content\r\n" - "Allow: OPTIONS, GET, POST\r\n" - "Content-Type: " + type + "\r\n" - "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + TString origin = TString(msg->Request.GetHeader("Origin")); + if (!origin.empty()) { + ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes( + "HTTP/1.1 204 No Content\r\n" + "Access-Control-Allow-Origin: " + origin + "\r\n" + "Access-Control-Allow-Credentials: true\r\n" + "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept\r\n" + "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n" + "Allow: OPTIONS, GET, POST\r\n" + "Content-Type: " + type + "\r\n" + "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + } else { + ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes( + "HTTP/1.1 204 No Content\r\n" + "Allow: OPTIONS, GET, POST\r\n" + "Content-Type: " + type + "\r\n" + "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom)); + } } return; } @@ -493,13 +511,22 @@ IActor* CreateViewer(const TKikimrRunConfig &kikimrRunConfig) { return new TViewer(kikimrRunConfig); } -TString IViewer::GetHTTPOKJSON() { - const auto& kikimrRunConfig = GetKikimrRunConfig(); - TString allowOrigin = kikimrRunConfig.AppConfig.GetMonitoringConfig().GetAllowOrigin(); - if (allowOrigin) { +TString TViewer::GetHTTPOKJSON(const NMon::TEvHttpInfo* request) { + if (AllowOrigin) { + return TStringBuilder() + << "HTTP/1.1 200 Ok\r\n" + << "Access-Control-Allow-Origin: " << AllowOrigin << "\r\n" + << "Access-Control-Allow-Credentials: true\r\n" + << "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept\r\n" + << "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n" + << "Content-Type: application/json; charset=utf-8\r\n" + << "Connection: Close\r\n" + << "X-Worker-Name: " << FQDNHostName() << ":" << CurrentMonitoringPort << "\r\n" + << "\r\n"; + } else if (request && request->Request.GetHeaders().HasHeader("Origin")) { return TStringBuilder() << "HTTP/1.1 200 Ok\r\n" - << "Access-Control-Allow-Origin: " << allowOrigin << "\r\n" + << "Access-Control-Allow-Origin: " << request->Request.GetHeader("Origin") << "\r\n" << "Access-Control-Allow-Credentials: true\r\n" << "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept\r\n" << "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n" @@ -517,7 +544,7 @@ TString IViewer::GetHTTPOKJSON() { } } -TString IViewer::GetHTTPGATEWAYTIMEOUT() { +TString TViewer::GetHTTPGATEWAYTIMEOUT() { return TStringBuilder() << "HTTP/1.1 504 Gateway Time-out\r\nConnection: Close\r\n" << "X-Worker-Name: " << FQDNHostName() << ":" << CurrentMonitoringPort << "\r\n" diff --git a/ydb/core/viewer/viewer.h b/ydb/core/viewer/viewer.h index ab34762e3e..5b14a9e4a5 100644 --- a/ydb/core/viewer/viewer.h +++ b/ydb/core/viewer/viewer.h @@ -113,8 +113,8 @@ public: NKikimrViewer::EObjectType objectType, const TContentHandler& handler) = 0; - TString GetHTTPOKJSON(); - TString GetHTTPGATEWAYTIMEOUT(); + virtual TString GetHTTPOKJSON(const NMon::TEvHttpInfo* request) = 0; + virtual TString GetHTTPGATEWAYTIMEOUT() = 0; }; void SetupPQVirtualHandlers(IViewer* viewer); |