open-banking-gateway icon indicating copy to clipboard operation
open-banking-gateway copied to clipboard

Published 20 hours ago verified publisher icon adorsys

Control CORS at gateway/load balancer level (i.e. in HAProxy etc.)

Open max402 opened this issue 4 years ago • 3 comments

Now we're using temporary solution which allows all other resources @CrossOrigin(origins = "*") For better security it should be handled at gateway level

max402 avatar Jan 07 '20 10:01 max402

This would require to reconfigure openshift on cluster level. The admin team will not permit us to achieve these changes.

The only solution would be to deploy another HAProxy inside our project. But I strongly advise to do CORS setup on application level instead.

@valb3r I know that you would really prefer it on environment level :) But can you go with that?

tnein avatar Mar 02 '20 15:03 tnein

@tnein I can go with it but in general, I would expect that we will need to have a more flexible load balancer. The current environment is no-go for production (the production that may include sticky sessions for efficient caching), but it is fine for the MVP.

valb3r avatar Mar 02 '20 15:03 valb3r

https://jira.adorsys.de/browse/OBG-75

gatiskalnins avatar Sep 02 '21 13:09 gatiskalnins