Skip to content

feat(ohttp): unified header passthrough + CORS preflight fallback for browser OHTTP#164

Merged
imlk0 merged 1 commit into
masterfrom
wasm-cors
Jul 13, 2026
Merged

feat(ohttp): unified header passthrough + CORS preflight fallback for browser OHTTP#164
imlk0 merged 1 commit into
masterfrom
wasm-cors

Conversation

@imlk0

@imlk0 imlk0 commented Jul 10, 2026

Copy link
Copy Markdown
Collaborator

Summary

Introduces a unified HeaderPassthroughSpec for OHTTP header passthrough on both the egress (request) and ingress (response) sides, plus a CORS preflight fallback that forwards OPTIONS requests to the backend and sets Access-Control-Allow-Origin on key-config actuals when cors is unset. Together these let browsers issue OHTTP requests to TNG without being blocked by CORS preflight.

Changes

  • config: HeaderPassthroughSpec enum + unified OHTTP protected-header set; request_headers/response_headers on Egress/IngressHeaderPassthroughConfig
  • egress: plumb request_headers spec into OhttpServerApi; copy outer request headers (e.g. Origin) onto inner OHTTP request; use HeaderPassthroughSpec for response header passthrough; forward CORS preflight to backend and set ACAO on key-config actuals when cors is unset
  • ingress: response_headers passthrough (outer→inner); switch request side to HeaderPassthroughSpec
  • tests: integration coverage for unified header_passthrough / "all" spec / CORS preflight forwarding, plus cors_fallback detection unit tests
  • docs: configuration + version_compatibility updates (bilingual), tng-wasm bilingual CORS guide for browser OHTTP requests, and clarified compatibility-change rules in CLAUDE.md

Compatibility

No breaking change — existing configs parse unchanged. version_compatibility documents the additive header_passthrough/CORS-fallback behavior (no breaking rows).

@shankailun-aliyun

Copy link
Copy Markdown
Collaborator

@imlk0 ,您好,您的请求已接收,请耐心等待结果。

@shankailun-aliyun

Copy link
Copy Markdown
Collaborator

@imlk0 ,您好,未检测到有镜像需要构建,如需重新检测请评论 /start

@codecov

codecov Bot commented Jul 10, 2026

Copy link
Copy Markdown

… browser OHTTP

Introduce a unified HeaderPassthroughSpec for OHTTP header passthrough on
both the egress (request) and ingress (response) sides, plus a CORS
preflight fallback that forwards OPTIONS requests to the backend and sets
Access-Control-Allow-Origin on key-config actuals when cors is unset.
Together these let browsers issue OHTTP requests to TNG without being
blocked by CORS preflight.

- config: HeaderPassthroughSpec enum + unified OHTTP protected-header set;
  request_headers/response_headers on Egress/IngressHeaderPassthroughConfig
- egress: plumb request_headers spec into OhttpServerApi; copy outer
  request headers (e.g. Origin) onto inner OHTTP request; use
  HeaderPassthroughSpec for response header passthrough; forward CORS
  preflight to backend and set ACAO on key-config actuals when cors unset
- ingress: response_headers passthrough (outer->inner); switch request
  side to HeaderPassthroughSpec
- tests: integration coverage for unified header_passthrough / "all" spec
  / CORS preflight forwarding, plus cors_fallback detection unit tests
- docs: configuration + version_compatibility updates (bilingual), tng-wasm
  bilingual CORS guide for browser OHTTP requests, and clarified
  compatibility-change rules in CLAUDE.md

Signed-off-by: Kun Lai <laikun@linux.alibaba.com>
@shankailun-aliyun

Copy link
Copy Markdown
Collaborator

@imlk0 ,您好,您的请求已接收,请耐心等待结果。

@shankailun-aliyun

Copy link
Copy Markdown
Collaborator

@imlk0 ,您好,未检测到有镜像需要构建,如需重新检测请评论 /start

@imlk0
imlk0 merged commit f6ade18 into master Jul 13, 2026
20 checks passed
@imlk0
imlk0 temporarily deployed to github-pages July 13, 2026 04:03 — with GitHub Actions Inactive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants