fix: honor requested allow origin settings properly (#17789)

fixes #17778
2025-11-07 21:02:58 -05:00 · 2023-08-02 20:41:21 -07:00
parent 1664fd8bb1
commit 4a4950fe41
4 changed files with 7 additions and 9 deletions
--- a/cmd/generic-handlers.go
+++ b/cmd/generic-handlers.go
@@ -443,6 +443,11 @@ func setRequestValidityMiddleware(h http.Handler) http.Handler {
 // is obtained from centralized etcd configuration service.
 func setBucketForwardingMiddleware(h http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if origin := w.Header().Get("Access-Control-Allow-Origin"); origin == "null" {
+			// This is a workaround change to ensure that "Origin: null"
+			// incoming request to a response back as "*" instead of "null"
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+		}
 		if globalDNSConfig == nil || !globalBucketFederation ||
 			guessIsHealthCheckReq(r) || guessIsMetricsReq(r) ||
 			guessIsRPCReq(r) || guessIsLoginSTSReq(r) || isAdminReq(r) {