hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-17 04:24:35 +03:00
Code Issues Projects Releases Wiki Activity
02d80c9ac6
graphql-engine/docs/graphql/manual/deployment
History
Anon Ray 02d80c9ac6 read cookie while initialising websocket connection (fix #1660) (#1668) 
* read cookie while initialising websocket connection (fix #1660)

* add tests for cookie on websocket init

* fix logic for tests

* enforce cors, and flag to force read cookie when cors disabled

  - as browsers don't enforce SOP on websockets, we enforce CORS policy
  on websocket handshake
  - if CORS is disabled, by default cookie is not read (because XSS
  risk!). Add special flag to force override this behaviour

* add log and forward origin header to webhook

  - add log notice when cors is disabled, and cookie is not read on
  websocket handshake
  - forward origin header to webhook in POST mode. So that when CORS is
  disabled, webhook can also enforce CORS independently.

* add docs, and forward all client headers to webhook
2019-03-04 13:16:53 +05:30
..
docker fix docs content (#1603) 2019-02-14 16:44:25 +05:30
graphql-engine-flags read cookie while initialising websocket connection (fix #1660) (#1668) 2019-03-04 13:16:53 +05:30
heroku fix docs content (#1603) 2019-02-14 16:44:25 +05:30
kubernetes fix docs content (#1603) 2019-02-14 16:44:25 +05:30
index.rst add table of contents to docs pages (#1115) 2018-12-03 17:42:24 +05:30
logging.rst add table of contents to docs pages (#1115) 2018-12-03 17:42:24 +05:30
postgres-permissions.rst docs update (#1535) 2019-02-06 12:09:36 +05:30
securing-graphql-endpoint.rst rename access-key to admin-secret (close #1347) (#1540) 2019-02-14 15:07:47 +05:30
updating.rst add table of contents to docs pages (#1115) 2018-12-03 17:42:24 +05:30