Closed frak closed 6 years ago
@frak .env vars are strings only. If you need multiple, simply add more .env vars.
@frankdejonge thank you for your reply. If I understand you correctly, you are suggesting that I define a new env var for each CORS origin that I want to allow? The problem is that if I then want to add another CORS origin in a specific environment then I will need to change the code to add that parameter, and then provide a value for it across all environments. Or have I misunderstood?
I currently have the following config:
nelmio_cors:
paths:
'^/':
allow_credentials: true
allow_origin: ['%cors_origin%']
allow_headers: ['*']
allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
Are you suggesting I add another parameter as follows?
nelmio_cors:
paths:
'^/':
allow_credentials: true
allow_origin: ['%cors_origin%', '%extra_cors_origin%']
allow_headers: ['*']
allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
Also, what value could I use in environments that do not need an extra CORS origin?
Sorry if I am being dumb, I appreciate your time is precious.
@frak then you can just use the same value for both origins, no harm done 👍
OK. So in this case there is no benefit in using env vars as it requires a code change anyway. Thank you!
Alternatively you can use a regex origin like: ^https://(domain.nl|other.com)
I did not know that was possible - thank you!
The benefit is using env vars is still there, your app is configurable at run-time, you just need to plan ahead.
Its possible to use this feature in symfony 4.1 to have a comma separated list of values:
https://github.com/symfony/symfony/pull/25627
There is also a pending PR to allow advanced env vars to be used in config files (which would mean %env(json:CORS_DOMAINS)%
to work:
any news ?
any news?
I am trying to set more than one origin and I would ideally like to do this with environment variables to make it easy to change origins in different environments. However I am unaware of any way to define an environment variable as an array, and if I define an array looking string
['host1.com', 'host2.com']
then I get the error:[Symfony\Component\Config\Definition\Exception\InvalidTypeException] Invalid type for path "nelmio_cors.paths.^/.allow_origin". Expected array, but got string
I am more than happy to have a go at fixing this but was wondering what the best approach would be?