steve
/
geoserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add CORS_ALLOW_CREDENTIALS env param that controls cors.support.credentials value, defaults to false, only applies if true and CORS_ALLOWED_ORIGINS is not wildcard. Update README with CORS env vars and PROXY_BASE_URL

pull/28/head
Nick Graziano 2023-08-31 10:20:05 -06:00
parent 7c36851a05
commit a20e2942b3
3 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -5,6 +5,7 @@ ARG CORS_ENABLED=false
ARG CORS_ALLOWED_ORIGINS=* ARG CORS_ALLOWED_ORIGINS=*
ARG CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,HEAD,OPTIONS ARG CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,HEAD,OPTIONS
ARG CORS_ALLOWED_HEADERS=* ARG CORS_ALLOWED_HEADERS=*
ARG CORS_ALLOW_CREDENTIALS=false
# Environment variables # Environment variables
ENV CATALINA_HOME=/opt/apache-tomcat-${TOMCAT_VERSION} ENV CATALINA_HOME=/opt/apache-tomcat-${TOMCAT_VERSION}
@ -13,6 +14,7 @@ ENV CORS_ENABLED=$CORS_ENABLED
ENV CORS_ALLOWED_ORIGINS=$CORS_ALLOWED_ORIGINS ENV CORS_ALLOWED_ORIGINS=$CORS_ALLOWED_ORIGINS
ENV CORS_ALLOWED_METHODS=$CORS_ALLOWED_METHODS ENV CORS_ALLOWED_METHODS=$CORS_ALLOWED_METHODS
ENV CORS_ALLOWED_HEADERS=$CORS_ALLOWED_HEADERS ENV CORS_ALLOWED_HEADERS=$CORS_ALLOWED_HEADERS
ENV CORS_ALLOW_CREDENTIALS=$CORS_ALLOW_CREDENTIALS
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# see https://docs.geoserver.org/stable/en/user/production/container.html # see https://docs.geoserver.org/stable/en/user/production/container.html

7
README.md
View File

@ -76,7 +76,12 @@ The ``startup.sh`` script allows some customization on startup:
* ``INSTALL_EXTENSIONS`` to ``true`` to download and install extensions * ``INSTALL_EXTENSIONS`` to ``true`` to download and install extensions
* ``STABLE_EXTENSIONS`` list of extensions to download and install * ``STABLE_EXTENSIONS`` list of extensions to download and install
* ``CORS_ENABLED`` * ``CORS_ENABLED`` to ``true`` to enable CORS support. The following environment variables can be used to customize the CORS configuration.
* ``CORS_ALLOWED_ORIGINS`` (default ``*``)
* ``CORS_ALLOWED_METHODS`` (default ``GET,POST,PUT,DELETE,HEAD,OPTIONS``)
* ``CORS_ALLOWED_HEADERS`` (default ``*``)
* ``CORS_ALLOW_CREDENTIALS`` (default ``false``) **Setting this to ``true`` will only have the desired effect if ``CORS_ALLOWED_ORIGINS`` defines explicit origins (not ``*``)**
* ``PROXY_BASE_URL`` to the base URL of the GeoServer web app if GeoServer is behind a proxy. Example: ``https://example.com/geoserver``.
Example installing wps and ysld extensions: Example installing wps and ysld extensions:

4
startup.sh
View File

@ -55,8 +55,8 @@ if [ "${CORS_ENABLED}" = "true" ]; then
if ! grep -q DockerGeoServerCorsFilter "$CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"; then if ! grep -q DockerGeoServerCorsFilter "$CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"; then
echo "Enable CORS for $CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml" echo "Enable CORS for $CATALINA_HOME/webapps/geoserver/WEB-INF/web.xml"
# Add support for access-control-allow-credentials when the origin is not a wildcard # Add support for access-control-allow-credentials when the origin is not a wildcard when specified via env var
if [ "${CORS_ALLOWED_ORIGINS}" != "*" ]; then if [ "${CORS_ALLOWED_ORIGINS}" != "*" ] && [ "${CORS_ALLOW_CREDENTIALS}" = "true" ]; then
CORS_ALLOW_CREDENTIALS="true" CORS_ALLOW_CREDENTIALS="true"
else else
CORS_ALLOW_CREDENTIALS="false" CORS_ALLOW_CREDENTIALS="false"