forked from LBRYCommunity/lbry-sdk
allow Access-Control-Allow-Origin to be configurable
This commit is contained in:
parent
2fb71610a4
commit
ee00d1984a
2 changed files with 8 additions and 1 deletions
|
@ -163,6 +163,12 @@ ENVIRONMENT = Env(
|
|||
lbryum_wallet_dir=(str, default_lbryum_dir),
|
||||
use_auth_http=(bool, False),
|
||||
sd_download_timeout=(int, 3),
|
||||
# By default, daemon will block all cross origin requests
|
||||
# but if this is set, this value will be used for the
|
||||
# Access-Control-Allow-Origin. For example
|
||||
# set to '*' to allow all requests, or set to 'http://localhost:8080'
|
||||
# if you're running a test UI on that port
|
||||
allowed_origin=(str, ''),
|
||||
# TODO: this field is more complicated than it needs to be because
|
||||
# it goes through a Fee validator when loaded by the exchange rate
|
||||
# manager. Look into refactoring the exchange rate conversion to
|
||||
|
|
|
@ -209,7 +209,8 @@ class AuthJSONRPCServer(AuthorizedBase):
|
|||
log.debug(err.getTraceback())
|
||||
|
||||
def _set_headers(self, request, data, update_secret=False):
|
||||
request.setHeader("Access-Control-Allow-Origin", settings.API_INTERFACE)
|
||||
if settings.allowed_origin:
|
||||
request.setHeader("Access-Control-Allow-Origin", settings.allowed_origin)
|
||||
request.setHeader("Content-Type", "text/json")
|
||||
request.setHeader("Content-Length", str(len(data)))
|
||||
if update_secret:
|
||||
|
|
Loading…
Reference in a new issue