Bug 196709

Summary:

[ews-build] Scripts using Buildbot API have CORS error

Product:

WebKit

Reporter:

Aakash Jain <aakash_jain>

Component:

Tools / Tests

Assignee:

Aakash Jain <aakash_jain>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

aakash_jain, ap, commit-queue, lforschler, ryanhaddad, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

Other

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none

Description Aakash Jain 2019-04-08 14:45:38 PDT

Any script using Buildbot API will have CORS error, since buildbot is not setting CORS header appropriately. 

We need to set allowed_origins in Buildbot configuration as per: http://docs.buildbot.net/latest/manual/configuration/www.html#web-server

Comment 1 Aakash Jain 2019-04-08 14:45:45 PDT

<rdar://problem/49710473>

Comment 2 Aakash Jain 2019-04-08 14:48:43 PDT

Created attachment 366985 [details]
Patch

Comment 3 Alexey Proskuryakov 2019-04-08 15:03:02 PDT

Comment on attachment 366985 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=366985&action=review

> Tools/BuildSlaveSupport/ews-build/master.cfg:14
> +c['www'] = dict(port=8010, allowed_origins=["*"])

This has security considerations that I wouldn't want to think through unless I have to.

What are the scripts that hit the error? Only JavaScript running in the browser is strictly subject to CORS. Some scripting also enables those checks, but that can always be disabled.

Comment 4 Alexey Proskuryakov 2019-04-08 16:35:24 PDT

Comment on attachment 366985 [details]
Patch

OK, I think that this is fine. We have the same rules on build.webkit.org anyway.

Comment 5 WebKit Commit Bot 2019-04-08 17:42:33 PDT

Comment on attachment 366985 [details]
Patch

Clearing flags on attachment: 366985

Committed r244060: <https://trac.webkit.org/changeset/244060>

Comment 6 WebKit Commit Bot 2019-04-08 17:42:34 PDT

All reviewed patches have been landed.  Closing bug.