mirror of https://github.com/grafana/grafana.git
c4b8303799
Canvas: Allow API calls to grafana origin (#91822)
* allow post URL
* check for config
* allow relative paths
* add allowed internal pattern; add checks for method
* update defaults.ini
* add custom header
* update config comment
* use globbing, switch to older middleware - deprecated call
* add codeowner
* update to use current api, add test
* update fall through logic
* Update pkg/middleware/validate_action_url.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/middleware/validate_action_url.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* add more tests
* Update pkg/middleware/validate_action_url_test.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* fix request headers
* add additional tests for all verbs
* fix request headers++
* throw error when method is unknown
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Brian Gann <bkgann@gmail.com>
Co-authored-by: Brian Gann <briangann@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| cookies | ||
| csrf | ||
| loggermw | ||
| requestmeta | ||
| auth.go | ||
| auth_test.go | ||
| csp.go | ||
| dashboard_redirect.go | ||
| dashboard_redirect_test.go | ||
| gziper.go | ||
| middleware.go | ||
| middleware_test.go | ||
| org_redirect.go | ||
| org_redirect_test.go | ||
| quota.go | ||
| quota_test.go | ||
| recovery.go | ||
| recovery_test.go | ||
| request_metadata_test.go | ||
| request_metrics.go | ||
| request_test.go | ||
| request_tracing.go | ||
| subpath_redirect.go | ||
| subpath_redirect_test.go | ||
| testing.go | ||
| validate_action_url.go | ||
| validate_action_url_test.go | ||
| validate_host.go | ||