diff options
author | John Estabrook <jestabro@vyos.io> | 2022-11-06 09:31:13 -0600 |
---|---|---|
committer | John Estabrook <jestabro@vyos.io> | 2022-11-06 09:31:13 -0600 |
commit | e1d9982c7b463b173cc8c261f61a9447ace62898 (patch) | |
tree | 430279cad921241e89c1f87022293f60c6175077 | |
parent | acf2c24f8eec0918ca419db68196c76dc827f197 (diff) | |
download | vyos-1x-e1d9982c7b463b173cc8c261f61a9447ace62898.tar.gz vyos-1x-e1d9982c7b463b173cc8c261f61a9447ace62898.zip |
graphql: T4803: allow 'Authorization' header in CORS middleware
-rwxr-xr-x | src/services/vyos-http-api-server | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index 3c390d9dc..60ea9a5ee 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -659,10 +659,18 @@ def graphql_init(fast_api_app): if app.state.vyos_origins: origins = app.state.vyos_origins - app.add_route('/graphql', CORSMiddleware(GraphQL(schema, context_value=get_user_context, debug=True, introspection=in_spec), allow_origins=origins, allow_methods=("GET", "POST", "OPTIONS"))) + app.add_route('/graphql', CORSMiddleware(GraphQL(schema, + context_value=get_user_context, + debug=True, + introspection=in_spec), + allow_origins=origins, + allow_methods=("GET", "POST", "OPTIONS"), + allow_headers=("Authorization",))) else: - app.add_route('/graphql', GraphQL(schema, context_value=get_user_context, debug=True, introspection=in_spec)) - + app.add_route('/graphql', GraphQL(schema, + context_value=get_user_context, + debug=True, + introspection=in_spec)) ### if __name__ == '__main__': |