From 7ed7f96a2faf562906651fbe1d48361ac5b6a9a4 Mon Sep 17 00:00:00 2001 From: Bryan Stitt Date: Sun, 25 Sep 2022 04:26:13 +0000 Subject: [PATCH] very permissive cors policy --- TODO.md | 4 ++++ web3_proxy/Cargo.toml | 3 ++- web3_proxy/src/frontend/mod.rs | 3 +++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/TODO.md b/TODO.md index 52dc6167..49b121f4 100644 --- a/TODO.md +++ b/TODO.md @@ -390,3 +390,7 @@ in another repo: event subscriber - [ ] Ulid instead of Uuid for database ids - might have to use Uuid in sea-orm and then convert to Ulid on display - [ ] emit stat when an IP/key goes over rate limits +- [ ] readme command should run create_user commands via docker-compose +- [ ] helper for UUID <-> ULID +- [ ] Wrapping extractors in Result makes them optional and gives you the reason the extraction failed +- [ ] save errors if there is a cache hit? diff --git a/web3_proxy/Cargo.toml b/web3_proxy/Cargo.toml index 450f23a2..f352d92d 100644 --- a/web3_proxy/Cargo.toml +++ b/web3_proxy/Cargo.toml @@ -65,8 +65,9 @@ tokio = { version = "1.21.1", features = ["full", "tracing"] } tokio-stream = { version = "0.1.10", features = ["sync"] } toml = "0.5.9" tower = "0.4.13" +# TODO: i don't think we need this. we can use it from tower-http instead. though this seems to use ulid and not uuid? tower-request-id = "0.2.0" -tower-http = { version = "0.3.4", features = ["trace"] } +tower-http = { version = "0.3.4", features = ["cors", "trace"] } tracing = "0.1.36" # TODO: tracing-subscriber has serde and serde_json features that we might want to use tracing-subscriber = { version = "0.3.15", features = ["env-filter", "parking_lot"] } diff --git a/web3_proxy/src/frontend/mod.rs b/web3_proxy/src/frontend/mod.rs index 5a7c4e37..11bfd582 100644 --- a/web3_proxy/src/frontend/mod.rs +++ b/web3_proxy/src/frontend/mod.rs @@ -15,6 +15,7 @@ use axum::{ }; use std::net::SocketAddr; use std::sync::Arc; +use tower_http::cors::CorsLayer; use tower_http::trace::TraceLayer; use tower_request_id::{RequestId, RequestIdLayer}; use tracing::{error_span, info}; @@ -73,6 +74,8 @@ pub async fn serve(port: u16, proxy_app: Arc) -> anyhow::Result<() .layer(Extension(proxy_app)) // add the request id to our tracing logs .layer(request_tracing_layer) + // handle cors + .layer(CorsLayer::very_permissive()) // create a unique id for each request .layer(RequestIdLayer) // 404 for any unknown routes