update ceph source to reef 18.2.1

[ceph.git] / ceph / src / pybind / mgr / dashboard / services / auth.py

diff --git a/ceph/src/pybind/mgr/dashboard/services/auth.py b/ceph/src/pybind/mgr/dashboard/services/auth.py
index 8ae897cebd8d4997116c01672a4a7c3cc76df15b..f13963abffdd48341974232bec58dc39d3ba117d 100644 (file)
--- a/ceph/src/pybind/mgr/dashboard/services/auth.py
+++ b/ceph/src/pybind/mgr/dashboard/services/auth.py
@@ -183,6 +183,16 @@ class AuthManagerTool(cherrypy.Tool):
             if user:
                 self._check_authorization(user.username)
                 return
+
+        resp_head = cherrypy.response.headers
+        req_head = cherrypy.request.headers
+        req_header_cross_origin_url = req_head.get('Access-Control-Allow-Origin')
+        cross_origin_urls = mgr.get_module_option('cross_origin_url', '')
+        cross_origin_url_list = [url.strip() for url in cross_origin_urls.split(',')]
+
+        if req_header_cross_origin_url in cross_origin_url_list:
+            resp_head['Access-Control-Allow-Origin'] = req_header_cross_origin_url
+
         self.logger.debug('Unauthorized access to %s',
                           cherrypy.url(relative='server'))
         raise cherrypy.HTTPError(401, 'You are not authorized to access '