rostgaard
commented
10 years ago I suggest we use the JSON file -> HashMap -> SIGHUP dance for this one.
Open rostgaard opened 11 years ago
rostgaard
commented
10 years ago I suggest we use the JSON file -> HashMap -> SIGHUP dance for this one.
Only add the Access_Control_Allow_Origin and Access_Control_Allow_Credentials headers to the response if the given Origin header is valid.
The whitelist could be maintained as a table in the PostgreSQL database, and then cached locally by Alice. Just remember that this is a lookup that will happen on every single request to Alice, so it needs to be fast.