Merge pull request #2307 from ZBoxApp/PLT-2112

PLT-2112: Allow CORS
author: Joram Wilander <jwawilander@gmail.com> 2016-03-04 08:08:55 -0500
committer: Joram Wilander <jwawilander@gmail.com> 2016-03-04 08:08:55 -0500
commit: d1b1148ea8a0290a66ef7c75d1910c2558fa6186 (patch)
tree: 50a696f00700fca4f82459a1a7475d7bba6fcc4c /web
parent: 763a477c3f5de5180d5302186e06d740f8834446 (diff)
parent: 6b1abb404fc823be1bd0e2eeb21faaec25d03c99 (diff)
download: chat-d1b1148ea8a0290a66ef7c75d1910c2558fa6186.tar.gz
chat-d1b1148ea8a0290a66ef7c75d1910c2558fa6186.tar.bz2
chat-d1b1148ea8a0290a66ef7c75d1910c2558fa6186.zip
3 files changed, 41 insertions, 0 deletions
diff --git a/web/react/components/admin_console/service_settings.jsx b/web/react/components/admin_console/service_settings.jsx
index 047c7eb8d..9ed81b6a3 100644
--- a/web/react/components/admin_console/service_settings.jsx
+++ b/web/react/components/admin_console/service_settings.jsx
@@ -31,6 +31,10 @@ var holders = defineMessages({
         id: 'admin.service.sessionDaysEx',
         defaultMessage: 'Ex "30"'
     },
+    corsExample: {
+        id: 'admin.service.corsEx',
+        defaultMessage: 'http://example.com'
+    },
     saving: {
         id: 'admin.service.saving',
         defaultMessage: 'Saving Config...'
@@ -131,6 +135,8 @@ class ServiceSettings extends React.Component {
         config.ServiceSettings.SessionCacheInMinutes = SessionCacheInMinutes;
         ReactDOM.findDOMNode(this.refs.SessionCacheInMinutes).value = SessionCacheInMinutes;
 
+        config.ServiceSettings.AllowCorsFrom = ReactDOM.findDOMNode(this.refs.AllowCorsFrom).value.trim();
+
         Client.saveConfig(
             config,
             () => {
@@ -766,6 +772,35 @@ class ServiceSettings extends React.Component {
                     <div className='form-group'>
                         <label
                             className='control-label col-sm-4'
+                            htmlFor='AllowCorsFrom'
+                        >
+                            <FormattedMessage
+                                id='admin.service.corsTitle'
+                                defaultMessage='Allow Cross-origin Requests from:'
+                            />
+                        </label>
+                        <div className='col-sm-8'>
+                            <input
+                                type='text'
+                                className='form-control'
+                                id='AllowCorsFrom'
+                                ref='AllowCorsFrom'
+                                placeholder={formatMessage(holders.corsExample)}
+                                defaultValue={this.props.config.ServiceSettings.AllowCorsFrom}
+                                onChange={this.handleChange}
+                            />
+                            <p className='help-text'>
+                                <FormattedMessage
+                                    id='admin.service.corsDescription'
+                                    defaultMessage='Enable HTTP Cross origin request from a specific domain. Use "*" if you want to allow CORS from any domain or leave it blank to disable it.'
+                                />
+                            </p>
+                        </div>
+                    </div>
+
+                    <div className='form-group'>
+                        <label
+                            className='control-label col-sm-4'
                             htmlFor='SessionLengthWebInDays'
                         >
                             <FormattedMessage
diff --git a/web/static/i18n/en.json b/web/static/i18n/en.json
index 14ef0fb46..7c6a71259 100644
--- a/web/static/i18n/en.json
+++ b/web/static/i18n/en.json
@@ -277,6 +277,9 @@
   "admin.service.attemptTitle": "Maximum Login Attempts:",
   "admin.service.cmdsDesc": "When true, user created slash commands will be allowed.",
   "admin.service.cmdsTitle": "Enable Slash Commands: ",
+  "admin.service.corsEx": "http://example.com https://example.com",
+  "admin.service.corsDescription": "Enable HTTP Cross origin request from specific domains (separate by a spacebar). Use \"*\" if you want to allow CORS from any domain or leave it blank to disable it.",
+  "admin.service.corsTitle": "Allow Cross-origin Requests from:",
   "admin.service.developerDesc": "(Developer Option) When true, extra information around errors will be displayed in the UI.",
   "admin.service.developerTitle": "Enable Developer Mode: ",
   "admin.service.false": "false",
diff --git a/web/static/i18n/es.json b/web/static/i18n/es.json
index 09abcf530..dc012df14 100644
--- a/web/static/i18n/es.json
+++ b/web/static/i18n/es.json
@@ -277,6 +277,9 @@
   "admin.service.attemptTitle": "Máximo de intentos de conexión:",
   "admin.service.cmdsDesc": "Cuando es verdadero, se permite la creación de comandos de barra por usuarios.",
   "admin.service.cmdsTitle": "Habilitar Comandos de Barra: ",
+  "admin.service.corsEx": "http://ejemplo.com https://ejemplo.com",
+  "admin.service.corsDescription": "Habilita las solicitudes HTTP de origen cruzado para dominios en específico (separados por un espacio). Utiliza \"*\" si quieres habilitar CORS desde cualquier dominio o deja el campo en blanco para deshabilitarlo.",
+  "admin.service.corsTitle": "Permitir Solicitudes de Origen Cruzado desde:",
   "admin.service.developerDesc": "(Opción de Desarrollador) Cuando está asignado en verdadero, información extra sobre errores se muestra en el UI.",
   "admin.service.developerTitle": "Habilitar modo de Desarrollador: ",
   "admin.service.false": "falso",
author	Joram Wilander <jwawilander@gmail.com>	2016-03-04 08:08:55 -0500
committer	Joram Wilander <jwawilander@gmail.com>	2016-03-04 08:08:55 -0500
commit	d1b1148ea8a0290a66ef7c75d1910c2558fa6186 (patch)
tree	50a696f00700fca4f82459a1a7475d7bba6fcc4c /web
parent	763a477c3f5de5180d5302186e06d740f8834446 (diff)
parent	6b1abb404fc823be1bd0e2eeb21faaec25d03c99 (diff)
download	chat-d1b1148ea8a0290a66ef7c75d1910c2558fa6186.tar.gz chat-d1b1148ea8a0290a66ef7c75d1910c2558fa6186.tar.bz2 chat-d1b1148ea8a0290a66ef7c75d1910c2558fa6186.zip