summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohn Estabrook <jestabro@vyos.io>2022-11-06 09:31:13 -0600
committerJohn Estabrook <jestabro@vyos.io>2022-11-06 09:31:13 -0600
commite1d9982c7b463b173cc8c261f61a9447ace62898 (patch)
tree430279cad921241e89c1f87022293f60c6175077
parentacf2c24f8eec0918ca419db68196c76dc827f197 (diff)
downloadvyos-1x-e1d9982c7b463b173cc8c261f61a9447ace62898.tar.gz
vyos-1x-e1d9982c7b463b173cc8c261f61a9447ace62898.zip
graphql: T4803: allow 'Authorization' header in CORS middleware
-rwxr-xr-xsrc/services/vyos-http-api-server14
1 files changed, 11 insertions, 3 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server
index 3c390d9dc..60ea9a5ee 100755
--- a/src/services/vyos-http-api-server
+++ b/src/services/vyos-http-api-server
@@ -659,10 +659,18 @@ def graphql_init(fast_api_app):
if app.state.vyos_origins:
origins = app.state.vyos_origins
- app.add_route('/graphql', CORSMiddleware(GraphQL(schema, context_value=get_user_context, debug=True, introspection=in_spec), allow_origins=origins, allow_methods=("GET", "POST", "OPTIONS")))
+ app.add_route('/graphql', CORSMiddleware(GraphQL(schema,
+ context_value=get_user_context,
+ debug=True,
+ introspection=in_spec),
+ allow_origins=origins,
+ allow_methods=("GET", "POST", "OPTIONS"),
+ allow_headers=("Authorization",)))
else:
- app.add_route('/graphql', GraphQL(schema, context_value=get_user_context, debug=True, introspection=in_spec))
-
+ app.add_route('/graphql', GraphQL(schema,
+ context_value=get_user_context,
+ debug=True,
+ introspection=in_spec))
###
if __name__ == '__main__':