Azurite
Azurite copied to clipboard
Azurite doesn't check if CORS rules is too many when set service properties
Error Description: In Azure, it will return an error when set service properties with too many CORS rules. But in Azurite. it will set service properties successfully in this case. Azure error is shown as following:
To Reproduce: Please run the demo code as following:
import { BlobServiceClient, StorageSharedKeyCredential } from "@azure/storage-blob";
import { assert } from "chai";
async function main() {
const blobServiceClient = new BlobServiceClient("<Azurite-https-endpoint>", new StorageSharedKeyCredential("<account-name>", "<account-key>"));
const cors = new Array();
const newCORS = {
allowedHeaders: "*",
allowedMethods: "GET",
allowedOrigins: "example.com",
exposedHeaders: "*",
maxAgeInSeconds: 8888
};
for (let i = 0; i < 6; i++) {
cors.push(newCORS);
}
await blobServiceClient.setProperties({cors:cors});
}
main().catch((err) => {
assert.ok(err);
});
Expected Behavior: When set service properties with too many CORS rules, Azurite will return an error.
@jongio for notification.
@zzhxiaofeng
Thanks for reporting this issue! We will look at it.
Azurite welcome contribution. It would be great if you could raise a PR to fix it!
@blueww seems like CORS methods (e.g. GET, POST, PUT, etc.) are also not validated. So something else to fix for CORS validation as well.
@MRayermannMSFT Thanks for the feedback! We will evaluate it.
Azurite welcome contribution! It would be great if you could raise a PR to fix it! For blob service, the cors validation code can be added before this line: https://github.com/Azure/Azurite/blob/ffae5cd12df1bda64175181000d8cbc2b283247c/src/blob/handlers/ServiceHandler.ts#L115
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Would still like this fixed. :)