Rust implementation of OCI Distribution Spec with granular access control

Replace permissive CORS with configurable allowed origins #7

Status: open. Opened by pierrelf.com

Problem

main.rs:115 uses CorsLayer::permissive() which allows any origin to make cross-origin requests to the registry API. While this simplifies development, in production it allows any website to make authenticated requests to the registry if a user has credentials cached in their browser.

Proposed Solution

  • Add a --cors-origins CLI argument accepting a comma-separated list of allowed origins
  • Default to no CORS headers (or same-origin only) when not specified
  • Keep a --cors-permissive flag for development convenience
  • Apply the configured CORS policy in the middleware layer

Impact

Low risk since OCI clients (docker, crane, etc.) don't use browsers, but it's good security hygiene for the admin API and Swagger UI.
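
The policy proposed in this issue, sketched as an added example (not part of the original issue or the project's code): a std-only Rust model of how the two CLI options could resolve into one policy and how each request Origin is then checked. The names CorsPolicy, normalize_origin, build_policy and allow_origin_header, the sample origins, and the choice to model permissive mode as a wildcard Access-Control-Allow-Origin are assumptions.

```rust
// Added example: std-only model of the proposed policy. All names are hypothetical.
#[derive(Debug, PartialEq)]
enum CorsPolicy {
    Disabled,               // default: send no CORS headers
    Permissive,             // --cors-permissive, development only
    AllowList(Vec<String>), // --cors-origins https://a,https://b
}

/// Accept only a bare origin: scheme://host[:port], no path, query, wildcard or userinfo.
fn normalize_origin(raw: &str) -> Result<String, String> {
    let o = raw.trim().trim_end_matches('/').to_ascii_lowercase();
    let rest = o
        .strip_prefix("https://")
        .or_else(|| o.strip_prefix("http://"))
        .ok_or_else(|| format!("origin needs an http(s) scheme: {:?}", raw))?;
    if rest.is_empty() || rest.contains(|c: char| "/?#*@".contains(c) || c.is_whitespace()) {
        return Err(format!("not a bare origin: {:?}", raw));
    }
    Ok(o)
}

/// Turn the two CLI inputs into one policy; conflicting or empty input is an error.
fn build_policy(cors_origins: Option<&str>, permissive: bool) -> Result<CorsPolicy, String> {
    match (cors_origins, permissive) {
        (Some(_), true) => Err("--cors-origins conflicts with --cors-permissive".into()),
        (None, true) => Ok(CorsPolicy::Permissive),
        (None, false) => Ok(CorsPolicy::Disabled),
        (Some(list), false) => {
            let parsed: Result<Vec<String>, String> = list.split(',').map(normalize_origin).collect();
            Ok(CorsPolicy::AllowList(parsed?))
        }
    }
}

/// Value for Access-Control-Allow-Origin, or None when no CORS header is sent.
fn allow_origin_header(policy: &CorsPolicy, request_origin: Option<&str>) -> Option<String> {
    match (policy, request_origin) {
        (CorsPolicy::Permissive, _) => Some("*".to_string()),
        // Exact match only: prefix or suffix matching would admit look-alike hosts.
        (CorsPolicy::AllowList(list), Some(o)) => list.iter().find(|a| a.eq_ignore_ascii_case(o)).cloned(),
        _ => None,
    }
}

fn main() {
    let policy = build_policy(Some("https://registry-ui.example, http://localhost:3000/"), false).unwrap();
    println!("{:?}", allow_origin_header(&policy, Some("https://registry-ui.example")));
}
```

Rejecting "*" and "null" at parse time keeps a typo in --cors-origins from silently recreating the permissive behaviour the issue wants to remove.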

AT URI
at://did:plc:meotu43t6usg4qdwzenk4s2t/sh.tangled.repo.issue/3mfkg7jq6yj2g