private static void configureCors(CloudStorageAccount storageAccount) { var blobClient = storageAccount.CreateCloudBlobClient(); Console.WriteLine("Storage Account: " + storageAccount.BlobEndpoint); var newProperties = CurrentProperties(blobClient); newProperties.DefaultServiceVersion = "2013-08-15"; blobClient.SetServiceProperties(newProperties); var addRule = true; if (addRule) { var ruleWideOpenWriter = new CorsRule() { AllowedHeaders = ALLOWED_CORS_HEADERS, AllowedOrigins = ALLOWED_CORS_ORIGINS, AllowedMethods = ALLOWED_CORS_METHODS, MaxAgeInSeconds = (int)TimeSpan.FromDays(ALLOWED_CORS_AGE_DAYS).TotalSeconds }; newProperties.Cors.CorsRules.Clear(); newProperties.Cors.CorsRules.Add(ruleWideOpenWriter); blobClient.SetServiceProperties(newProperties); Console.WriteLine("New Properties:"); CurrentProperties(blobClient); Console.ReadLine(); } }
public void CreateCorsRule(CorsRule corsRule) { var azureClient = GetAzureClient(); var serviceProperties = azureClient.GetServiceProperties(); serviceProperties.Cors.CorsRules.Add(corsRule); azureClient.SetServiceProperties(serviceProperties); }
public void UpdateCorsRule(int id, CorsRule corsRule) { var azureClient = GetAzureClient(); var serviceProperties = azureClient.GetServiceProperties(); serviceProperties.Cors.CorsRules[id] = corsRule; azureClient.SetServiceProperties(serviceProperties); }
public async Task SetCorsPropertiesAsync(CancellationToken cancellationToken) { var cors = new CorsRule(); cors.AllowedOrigins.Add("*"); cors.AllowedMethods = CorsHttpMethods.Put; cors.ExposedHeaders.Add("*"); cors.AllowedHeaders.Add("*"); cors.MaxAgeInSeconds = (int)TimeSpan.FromHours(1).TotalSeconds; var serviceProperties = await this.blobClient.GetServicePropertiesAsync(cancellationToken); serviceProperties.Cors.CorsRules.Clear(); serviceProperties.Cors.CorsRules.Add(cors); await this.blobClient.SetServicePropertiesAsync(serviceProperties, cancellationToken); }
public void TestSetServicePropertiesWithoutMetricsAndLoggingProperties() { ServiceProperties serviceProperties = new ServiceProperties(cors: new CorsProperties()); Microsoft.WindowsAzure.Storage.Shared.Protocol.CorsRule rule = new Microsoft.WindowsAzure.Storage.Shared.Protocol.CorsRule(); rule.AllowedHeaders.Add("x-ms-meta-xyz"); rule.AllowedHeaders.Add("x-ms-meta-data*"); rule.AllowedMethods = CorsHttpMethods.Get | CorsHttpMethods.Put; rule.ExposedHeaders.Add("x-ms-meta-source*"); rule.AllowedOrigins.Add("*"); rule.AllowedMethods = CorsHttpMethods.Get; serviceProperties.Cors.CorsRules.Add(rule); client.SetServiceProperties(serviceProperties); }
public override void ExecuteCmdlet() { ServiceProperties serviceProperties = new ServiceProperties(); serviceProperties.Clean(); serviceProperties.Cors = new CorsProperties(); foreach (var corsRuleObject in this.CorsRules) { CorsRule corsRule = new CorsRule(); corsRule.AllowedHeaders = corsRuleObject.AllowedHeaders; corsRule.AllowedOrigins = corsRuleObject.AllowedOrigins; corsRule.ExposedHeaders = corsRuleObject.ExposedHeaders; corsRule.MaxAgeInSeconds = corsRuleObject.MaxAgeInSeconds; this.SetAllowedMethods(corsRule, corsRuleObject.AllowedMethods); serviceProperties.Cors.CorsRules.Add(corsRule); } try { Channel.SetStorageServiceProperties(ServiceType, serviceProperties, GetRequestOptions(ServiceType), OperationContext); } catch (StorageException se) { if ((null != se.RequestInformation) && ((int)HttpStatusCode.BadRequest == se.RequestInformation.HttpStatusCode) && (null != se.RequestInformation.ExtendedErrorInformation) && (string.Equals(InvalidXMLNodeValueError, se.RequestInformation.ExtendedErrorInformation.ErrorCode, StringComparison.OrdinalIgnoreCase) || string.Equals(InvalidXMLDocError, se.RequestInformation.ExtendedErrorInformation.ErrorCode, StringComparison.OrdinalIgnoreCase))) { throw new InvalidOperationException(Resources.CORSRuleError); } else { throw; } } if (PassThru) { WriteObject(this.CorsRules); } }
public ActionResult Index() { //code here var storageAccount = CloudStorageAccount.Parse( CloudConfigurationManager.GetSetting("StorageConnectionString")); var client = storageAccount.CreateCloudTableClient(); var corsRule = new CorsRule() { AllowedHeaders = new List<string> { "*" }, AllowedMethods = CorsHttpMethods.Connect | CorsHttpMethods.Get, //Since we'll only be calling Query Tables, let's just allow GET verb AllowedOrigins = new List<string> { "*" }, //This is the URL of our application. ExposedHeaders = new List<string> { "*" }, MaxAgeInSeconds = 1 * 60 * 60, //Let the browswer cache it for an hour }; ServiceProperties serviceProperties = client.GetServiceProperties(); CorsProperties corsSettings = serviceProperties.Cors; //add the rule corsSettings.CorsRules.Add(corsRule); //remove all rules - remember to save the settings to the client //corsSettings.CorsRules.Clear(); //Save the rule client.SetServiceProperties(serviceProperties); //break here and inspect corsSettings //After #4, there should already be cors rule connected to an account name. //In order to double check what cors rules are there for that account name, we can use: //ServiceProperties serviceProperties = client.GetServiceProperties(); // CorsProperties corsSettings = serviceProperties.Cors; //code here return View(); }
static void Main(string[] args) { StorageCredentials storageCredentials = new StorageCredentials(args[0], args[1]); CloudStorageAccount storageAccount = new CloudStorageAccount(storageCredentials, true); var blobClient = storageAccount.CreateCloudBlobClient(); // Define our basics for quick op ServiceProperties blobServiceProperties = new ServiceProperties() { HourMetrics = null, MinuteMetrics = null, Logging = null, }; // Define our CORS rules (wide open here) CorsRule corsRule = new CorsRule() { AllowedHeaders = new List<string>() { "*" }, AllowedMethods = CorsHttpMethods.Get | CorsHttpMethods.Post | CorsHttpMethods.Head | CorsHttpMethods.Put, AllowedOrigins = new List<string>() { "*" }, ExposedHeaders = new List<string>() { "*", "Accept-Ranges", "Content-Range"}, MaxAgeInSeconds = 7200 }; // Set our rule blobServiceProperties.Cors.CorsRules.Add(corsRule); try { blobClient.SetServiceProperties(blobServiceProperties); Console.Out.WriteLine("CORS is rollin' for " + args[0]); } catch (Exception e) { Console.Out.WriteLine(e.ToString()); } }
private CorsRuleModel MapCorsRule(CorsRule corsRule) { return new CorsRuleModel() { AllowedOrigins = corsRule.AllowedOrigins, AllowedMethods = MapAllowedMethods(corsRule.AllowedMethods), AllowedHeaders = corsRule.AllowedHeaders, ExposedHeaders = corsRule.ExposedHeaders, MaxAgeInSeconds = corsRule.MaxAgeInSeconds }; }
public async Task RunPermissionsTestTables(SharedAccessAccountPolicy policy) { CloudTableClient tableClient = GenerateCloudTableClient(); string tableName = "t" + Guid.NewGuid().ToString("N"); ServiceProperties initialProperties = await tableClient.GetServicePropertiesAsync(); try { CloudStorageAccount account = new CloudStorageAccount(tableClient.Credentials, false); string accountSASToken = account.GetSharedAccessSignature(policy); StorageCredentials accountSAS = new StorageCredentials(accountSASToken); CloudStorageAccount accountWithSAS = CloudStorageAccount.Create(accountSAS, null, null, tableClient.StorageUri, null); CloudTableClient tableClientWithSAS = accountWithSAS.CreateCloudTableClient(); CloudTable tableWithSAS = tableClientWithSAS.GetTableReference(tableName); CloudTable table = tableClient.GetTableReference(tableName); // General pattern - If current perms support doing a thing with SAS, do the thing with SAS and validate with shared // Otherwise, make sure SAS fails and then do the thing with shared key. // Things to do: // Create the table (Create or Write perms, Container RT) // List tables (List perms, Container RT) // Set table service properties (Write perms, Service RT) // Insert an entity (Add perms, Object RT) // Merge an entity (Update perms, Object RT) // Insert or merge an entity (Add and update perms, Object RT) (test this twice, once for insert, once for merge.) // Query the table for the entity (Read perms, Object RT) // Delete the entity (Delete perms, Object RT) if ((((policy.Permissions & SharedAccessAccountPermissions.Create) == SharedAccessAccountPermissions.Create) || ((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write)) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Container) == SharedAccessAccountResourceTypes.Container)) { await tableWithSAS.CreateAsync(); } else { await TestHelper.ExpectedExceptionAsync<StorageException>( async () => await tableWithSAS.CreateAsync(), "Creating a table with SAS should fail without Add and Container-level permissions."); await table.CreateAsync(); } Assert.IsTrue(await table.ExistsAsync()); if (((policy.Permissions & SharedAccessAccountPermissions.List) == SharedAccessAccountPermissions.List) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Container) == SharedAccessAccountResourceTypes.Container)) { Assert.AreEqual(tableName, (await tableClientWithSAS.ListTablesSegmentedAsync(tableName, null)).First().Name); } else { await TestHelper.ExpectedExceptionAsync<StorageException>(async () => (await tableClientWithSAS.ListTablesSegmentedAsync(tableName, null)).Results.First(), "Listing tables with SAS should fail without Read and Container-level permissions."); } ServiceProperties properties = new ServiceProperties(new LoggingProperties(), new MetricsProperties(), new MetricsProperties(), new CorsProperties()); properties.Logging = initialProperties.Logging; properties.HourMetrics = initialProperties.HourMetrics; properties.MinuteMetrics = initialProperties.MinuteMetrics; properties.DefaultServiceVersion = initialProperties.DefaultServiceVersion; CorsRule rule = new CorsRule(); string sampleOriginText = "sampleOrigin"; rule.AllowedOrigins.Add(sampleOriginText); rule.AllowedMethods = CorsHttpMethods.Get; rule.MaxAgeInSeconds = 100; properties.Cors.CorsRules.Add(rule); if (((policy.Permissions & SharedAccessAccountPermissions.Write) == SharedAccessAccountPermissions.Write) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Service) == SharedAccessAccountResourceTypes.Service)) { await tableClientWithSAS.SetServicePropertiesAsync(properties); } else { await TestHelper.ExpectedExceptionAsync<StorageException>(async () => await tableClientWithSAS.SetServicePropertiesAsync(properties), "Setting table service properites should fail with SAS without Write and Service-level permissions."); await tableClient.SetServicePropertiesAsync(properties); } Assert.AreEqual(sampleOriginText, rule.AllowedOrigins.First()); string propName = "prop"; string propName2 = "prop2"; DynamicTableEntity entity1 = new DynamicTableEntity(); string partitionKey = "PK"; string rowKeyPrefix = "RK"; entity1.PartitionKey = partitionKey; entity1.RowKey = rowKeyPrefix + "1"; entity1.Properties = new Dictionary<string, EntityProperty>() { { propName, EntityProperty.GeneratePropertyForInt(4) } }; entity1.ETag = "*"; if (((policy.Permissions & SharedAccessAccountPermissions.Add) == SharedAccessAccountPermissions.Add) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object)) { await tableWithSAS.ExecuteAsync(TableOperation.Insert(entity1)); } else { await TestHelper.ExpectedExceptionAsync<StorageException>(async () => await tableWithSAS.ExecuteAsync(TableOperation.Insert(entity1)), "Inserting an entity should fail without Add and Object-level permissions."); await table.ExecuteAsync(TableOperation.Insert(entity1)); } TableQuery query = new TableQuery().Where(string.Format("(PartitionKey eq '{0}') and (RowKey eq '{1}')", entity1.PartitionKey, entity1.RowKey)); Assert.AreEqual(entity1.Properties[propName].Int32Value, table.ExecuteQuery(query).First().Properties[propName].Int32Value); entity1.ETag = "*"; DynamicTableEntity entity1changed = new DynamicTableEntity(); entity1changed.PartitionKey = "PK"; entity1changed.RowKey = "RK1"; entity1changed.Properties = new Dictionary<string, EntityProperty>() { { propName2, EntityProperty.GeneratePropertyForInt(5) } }; entity1changed.ETag = "*"; if (((policy.Permissions & SharedAccessAccountPermissions.Update) == SharedAccessAccountPermissions.Update) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object)) { await tableWithSAS.ExecuteAsync(TableOperation.Merge(entity1changed)); } else { await TestHelper.ExpectedExceptionAsync<StorageException>(async () => await tableWithSAS.ExecuteAsync(TableOperation.Merge(entity1changed)), "Merging an entity should fail without Update and Object-level permissions."); await table.ExecuteAsync(TableOperation.Merge(entity1changed)); } DynamicTableEntity result = table.ExecuteQuery(query).First(); Assert.AreEqual(entity1.Properties[propName].Int32Value, result.Properties[propName].Int32Value); Assert.AreEqual(entity1changed.Properties[propName2].Int32Value, result.Properties[propName2].Int32Value); entity1changed.ETag = "*"; DynamicTableEntity entity2 = new DynamicTableEntity(); entity2.PartitionKey = partitionKey; entity2.RowKey = rowKeyPrefix + "2"; entity2.Properties = new Dictionary<string, EntityProperty>() { { propName, EntityProperty.GeneratePropertyForInt(4) } }; entity2.ETag = "*"; if ((((policy.Permissions & SharedAccessAccountPermissions.Add) == SharedAccessAccountPermissions.Add) && ((policy.Permissions & SharedAccessAccountPermissions.Update) == SharedAccessAccountPermissions.Update)) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object)) { await tableWithSAS.ExecuteAsync(TableOperation.InsertOrMerge(entity2)); } else { await TestHelper.ExpectedExceptionAsync<StorageException>(async () => await tableWithSAS.ExecuteAsync(TableOperation.InsertOrMerge(entity2)), "Inserting or merging an entity should fail without Add and Update and Object-level permissions."); await table.ExecuteAsync(TableOperation.InsertOrMerge(entity2)); } query = new TableQuery().Where(string.Format("(PartitionKey eq '{0}') and (RowKey eq '{1}')", entity2.PartitionKey, entity2.RowKey)); Assert.AreEqual(entity2.Properties[propName].Int32Value, table.ExecuteQuery(query).First().Properties[propName].Int32Value); entity2.ETag = "*"; DynamicTableEntity entity2changed = new DynamicTableEntity(); entity2changed.PartitionKey = partitionKey; entity2changed.RowKey = rowKeyPrefix + "2"; entity2changed.Properties = new Dictionary<string, EntityProperty>() { { propName2, EntityProperty.GeneratePropertyForInt(5) } }; entity2changed.ETag = "*"; if ((((policy.Permissions & SharedAccessAccountPermissions.Add) == SharedAccessAccountPermissions.Add) && ((policy.Permissions & SharedAccessAccountPermissions.Update) == SharedAccessAccountPermissions.Update)) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object)) { await tableWithSAS.ExecuteAsync(TableOperation.InsertOrMerge(entity2changed)); } else { await TestHelper.ExpectedExceptionAsync<StorageException>(async () => await tableWithSAS.ExecuteAsync(TableOperation.InsertOrMerge(entity2changed)), "Inserting or merging an entity should fail without Add and Update and Object-level permissions."); await table.ExecuteAsync(TableOperation.InsertOrMerge(entity2changed)); } entity2changed.ETag = "*"; result = table.ExecuteQuery(query).First(); Assert.AreEqual(entity2.Properties[propName].Int32Value, result.Properties[propName].Int32Value); Assert.AreEqual(entity2changed.Properties[propName2].Int32Value, result.Properties[propName2].Int32Value); query = new TableQuery().Where(string.Format("(PartitionKey eq '{0}') and (RowKey ge '{1}') and (RowKey le '{2}')", entity1.PartitionKey, entity1.RowKey, entity2.RowKey)); if (((policy.Permissions & SharedAccessAccountPermissions.Read) == SharedAccessAccountPermissions.Read) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object)) { List<DynamicTableEntity> entities = tableWithSAS.ExecuteQuery(query).ToList(); } else { await TestHelper.ExpectedExceptionAsync<StorageException>(async () => (await tableWithSAS.ExecuteQuerySegmentedAsync(query, null)).ToList(), "Querying tables should fail with SAS without Read and Object-level permissions."); } if (((policy.Permissions & SharedAccessAccountPermissions.Delete) == SharedAccessAccountPermissions.Delete) && ((policy.ResourceTypes & SharedAccessAccountResourceTypes.Object) == SharedAccessAccountResourceTypes.Object)) { await tableWithSAS.ExecuteAsync(TableOperation.Delete(entity1)); } else { await TestHelper.ExpectedExceptionAsync<StorageException>(async () => await tableWithSAS.ExecuteAsync(TableOperation.Delete(entity1)), "Deleting an entity should fail with SAS without Delete and Object-level permissions."); await table.ExecuteAsync(TableOperation.Delete(entity1)); } query = new TableQuery().Where(string.Format("(PartitionKey eq '{0}') and (RowKey eq '{1}')", entity1.PartitionKey, entity1.RowKey)); Assert.IsFalse(table.ExecuteQuery(query).Any()); } finally { tableClient.GetTableReference(tableName).DeleteIfExistsAsync().Wait(); if (initialProperties != null) { tableClient.SetServicePropertiesAsync(initialProperties).Wait(); } } }
private void SetAllowedMethods(CorsRule corsRule, string[] allowedMethods) { corsRule.AllowedMethods = SharedProtocol.CorsHttpMethods.None; if (null != allowedMethods) { foreach (var method in allowedMethods) { SharedProtocol.CorsHttpMethods allowedCorsMethod = SharedProtocol.CorsHttpMethods.None; if (Enum.TryParse<SharedProtocol.CorsHttpMethods>(method, true, out allowedCorsMethod)) { corsRule.AllowedMethods |= allowedCorsMethod; } else { throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, Resources.InvalidHTTPMethod, method)); } } } }
public void CloudFileTestCorsMaxOrigins() { CorsRule ruleManyOrigins = new CorsRule() { AllowedMethods = CorsHttpMethods.Get, }; // Add maximum number of allowed origins for (int i = 0; i < 64; i++) { ruleManyOrigins.AllowedOrigins.Add("www.xyz" + i + ".com"); } CloudFileClient client = GenerateCloudFileClient(); this.TestCorsRules(client, new List<CorsRule>() { ruleManyOrigins }); ruleManyOrigins.AllowedOrigins.Add("www.xyz64.com"); TestHelper.ExpectedException( () => this.TestCorsRules(client, new List<CorsRule>() { ruleManyOrigins }), "A maximum of 64 origins are allowed.", HttpStatusCode.BadRequest, "InvalidXmlNodeValue"); }
public async Task CloudQueueTestValidCorsRulesAsync() { CorsRule ruleMinRequired = new CorsRule() { AllowedOrigins = new List<string>() { "www.xyz.com" }, AllowedMethods = CorsHttpMethods.Get }; CorsRule ruleBasic = new CorsRule() { AllowedOrigins = new List<string>() { "www.ab.com", "www.bc.com" }, AllowedMethods = CorsHttpMethods.Get | CorsHttpMethods.Put, MaxAgeInSeconds = 500, ExposedHeaders = new List<string>() { "x-ms-meta-data*", "x-ms-meta-source*", "x-ms-meta-abc", "x-ms-meta-bcd" }, AllowedHeaders = new List<string>() { "x-ms-meta-data*", "x-ms-meta-target*", "x-ms-meta-xyz", "x-ms-meta-foo" } }; CorsRule ruleAllMethods = new CorsRule() { AllowedOrigins = new List<string>() { "www.xyz.com" }, AllowedMethods = CorsHttpMethods.Put | CorsHttpMethods.Trace | CorsHttpMethods.Connect | CorsHttpMethods.Delete | CorsHttpMethods.Get | CorsHttpMethods.Head | CorsHttpMethods.Options | CorsHttpMethods.Post | CorsHttpMethods.Merge }; CorsRule ruleSingleExposedHeader = new CorsRule() { AllowedOrigins = new List<string>() { "www.ab.com" }, AllowedMethods = CorsHttpMethods.Get, ExposedHeaders = new List<string>() { "x-ms-meta-bcd" }, }; CorsRule ruleSingleExposedPrefixHeader = new CorsRule() { AllowedOrigins = new List<string>() { "www.ab.com" }, AllowedMethods = CorsHttpMethods.Get, ExposedHeaders = new List<string>() { "x-ms-meta-data*" }, }; CorsRule ruleSingleAllowedHeader = new CorsRule() { AllowedOrigins = new List<string>() { "www.ab.com" }, AllowedMethods = CorsHttpMethods.Get, AllowedHeaders = new List<string>() { "x-ms-meta-xyz", }, }; CorsRule ruleSingleAllowedPrefixHeader = new CorsRule() { AllowedOrigins = new List<string>() { "www.ab.com" }, AllowedMethods = CorsHttpMethods.Get, AllowedHeaders = new List<string>() { "x-ms-meta-target*" }, }; CorsRule ruleAllowAll = new CorsRule() { AllowedOrigins = new List<string>() { "*" }, AllowedMethods = CorsHttpMethods.Get, AllowedHeaders = new List<string>() { "*" }, ExposedHeaders = new List<string>() { "*" } }; CloudQueueClient client = GenerateCloudQueueClient(); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleBasic }); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleMinRequired }); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleAllMethods }); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleSingleExposedHeader }); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleSingleExposedPrefixHeader }); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleSingleAllowedHeader }); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleSingleAllowedPrefixHeader }); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleAllowAll }); // Empty rule set should delete all rules await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { }); // Test duplicate rules await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleBasic, ruleBasic }); // Test max number of rules (five) await this.TestCorsRulesAsync( client, null, new List<CorsRule>() { ruleBasic, ruleMinRequired, ruleAllMethods, ruleSingleExposedHeader, ruleSingleExposedPrefixHeader }); // Test max number of rules + 1 (six) OperationContext context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await this.TestCorsRulesAsync( client, context, new List<CorsRule>() { ruleBasic, ruleMinRequired, ruleAllMethods, ruleSingleExposedHeader, ruleSingleExposedPrefixHeader, ruleSingleAllowedHeader }), context, "Services are limited to a maximum of five CORS rules.", HttpStatusCode.BadRequest, "InvalidXmlDocument"); }
private static void ConfigureCors(CloudStorageAccount storageAccount, string allowedOrigins) { var blobClient = storageAccount.CreateCloudBlobClient(); var serviceProperties = blobClient.GetServiceProperties(); var cors = new CorsRule(); cors.AllowedOrigins.Add(allowedOrigins); cors.AllowedMethods = CorsHttpMethods.Get; cors.MaxAgeInSeconds = 3600; serviceProperties.Cors.CorsRules.Add(cors); blobClient.SetServiceProperties(serviceProperties); }
/// <summary> /// Query the Cross-Origin Resource Sharing (CORS) rules for the Queue service /// </summary> /// <param name="blobClient"></param> private static async Task CorsSample(CloudBlobClient blobClient) { // Get CORS rules Console.WriteLine("Get CORS rules"); ServiceProperties serviceProperties = await blobClient.GetServicePropertiesAsync(); // Add CORS rule Console.WriteLine("Add CORS rule"); CorsRule corsRule = new CorsRule { AllowedHeaders = new List<string> { "*" }, AllowedMethods = CorsHttpMethods.Get, AllowedOrigins = new List<string> { "*" }, ExposedHeaders = new List<string> { "*" }, MaxAgeInSeconds = 3600 }; serviceProperties.Cors.CorsRules.Add(corsRule); await blobClient.SetServicePropertiesAsync(serviceProperties); Console.WriteLine(); }
// Return the Azure CORSRule data for this rule. public CorsRule ToCorsRule() { CorsRule rule = new CorsRule(); rule.AllowedOrigins = this.AllowedOrigins.Replace(" ", String.Empty).Split(','); rule.AllowedHeaders = this.AllowedHeaders.Replace(" ", String.Empty).Split(','); rule.ExposedHeaders = this.ExposedHeaders.Replace(" ", String.Empty).Split(','); foreach(String method in this.AllowedMethods.Replace(" ", String.Empty).Split(',')) { switch(method.Trim().ToUpper()) { case "CONNECT": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Connect; break; case "DELETE": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Delete; break; case "GET": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Get; break; case "HEAD": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Head; break; case "MERGE": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Merge; break; case "OPTIONS": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Options; break; case "POST": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Post; break; case "PUT": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Put; break; case "TRACE": rule.AllowedMethods = rule.AllowedMethods | CorsHttpMethods.Trace; break; } } int age = 0; Int32.TryParse(this.MaxAgeInSeconds, out age); rule.MaxAgeInSeconds = age; return rule; }
// Constructor - create from an Azure CorsRule object. public CORSRule(CorsRule rule) { // Retrieve allowed origins. if (rule.AllowedOrigins != null) { String origins = String.Empty; foreach (String origin in rule.AllowedOrigins) { if (origins.Length > 0) { origins = origins + ","; } origins = origins + origin; } this.AllowedOrigins = origins; } // Retrieve allowed headers. if (rule.AllowedHeaders != null) { String headers = String.Empty; foreach (String header in rule.AllowedHeaders) { if (headers.Length > 0) { headers = headers + ","; } headers = headers + header; } this.AllowedHeaders = headers; } // Retrieve exposed headers. if (rule.ExposedHeaders != null) { String headers = String.Empty; foreach (String header in rule.ExposedHeaders) { if (headers.Length > 0) { headers = headers + ","; } headers = headers + header; } this.ExposedHeaders = headers; } // Retrieve allowed methods. String methods = String.Empty; if ((rule.AllowedMethods & CorsHttpMethods.Connect)==CorsHttpMethods.Connect) { methods = methods + "CONNECT,"; }; if ((rule.AllowedMethods & CorsHttpMethods.Delete) == CorsHttpMethods.Delete) { methods = methods + "DELETE,"; }; if ((rule.AllowedMethods & CorsHttpMethods.Get) == CorsHttpMethods.Get) { methods = methods + "GET,"; }; if ((rule.AllowedMethods & CorsHttpMethods.Head) == CorsHttpMethods.Head) { methods = methods + "HEAD,"; }; if ((rule.AllowedMethods & CorsHttpMethods.Merge) == CorsHttpMethods.Merge) { methods = methods + "MERGE,"; }; if ((rule.AllowedMethods & CorsHttpMethods.None) == CorsHttpMethods.None) { methods = methods + "NONE,"; }; if ((rule.AllowedMethods & CorsHttpMethods.Options) == CorsHttpMethods.Options) { methods = methods + "OPTIONS,"; }; if ((rule.AllowedMethods & CorsHttpMethods.Post) == CorsHttpMethods.Post) { methods = methods + "POST,"; }; if ((rule.AllowedMethods & CorsHttpMethods.Put) == CorsHttpMethods.Put) { methods = methods + "PUT,"; }; if ((rule.AllowedMethods & CorsHttpMethods.Trace) == CorsHttpMethods.Trace) { methods = methods + "TRACE,"; }; if (methods.Length > 0 && methods.EndsWith(",")) { methods = methods.Substring(0, methods.Length - 1); } this.AllowedMethods = methods; this.MaxAgeInSeconds = rule.MaxAgeInSeconds.ToString(); }
public string EnableStorageCORS(Account account) { try { var storageAccount = StorageUtils.CreateCloudStorageAccount(account); var blobClient = storageAccount.CreateCloudBlobClient(); CorsHttpMethods allowedMethods = CorsHttpMethods.None; allowedMethods = allowedMethods | CorsHttpMethods.Get; allowedMethods = allowedMethods | CorsHttpMethods.Put; allowedMethods = allowedMethods | CorsHttpMethods.Post; allowedMethods = allowedMethods | CorsHttpMethods.Delete; allowedMethods = allowedMethods | CorsHttpMethods.Options; var delimiter = new[] { "," }; CorsRule corsRule = new CorsRule(); const string allowedOrigins = "*"; const string allowedHeaders = "*"; const string exposedHeaders = ""; string[] allAllowedOrigin = allowedOrigins.Split(delimiter, StringSplitOptions.RemoveEmptyEntries); string[] allExpHeaders = exposedHeaders.Split(delimiter, StringSplitOptions.RemoveEmptyEntries); string[] allAllowHeaders = allowedHeaders.Split(delimiter, StringSplitOptions.RemoveEmptyEntries); List<string> corsAllowedOrigin = new List<string>(); foreach (var item in allAllowedOrigin) { if (!string.IsNullOrWhiteSpace(item)) { corsAllowedOrigin.Add(item.Trim()); } } List<string> corsExposedHeaders = new List<string>(); foreach (var item in allExpHeaders) { if (!string.IsNullOrWhiteSpace(item)) { corsExposedHeaders.Add(item.Trim()); } } List<string> corsAllowHeaders = new List<string>(); foreach (var item in allAllowHeaders) { if (!string.IsNullOrWhiteSpace(item)) { corsAllowHeaders.Add(item.Trim()); } } corsRule.MaxAgeInSeconds = 200; corsRule.AllowedMethods = allowedMethods; corsRule.AllowedHeaders = corsAllowHeaders; corsRule.AllowedOrigins = corsAllowedOrigin; corsRule.ExposedHeaders = corsExposedHeaders; ServiceProperties properties = blobClient.GetServiceProperties(); properties.Cors.CorsRules.Clear(); properties.Cors.CorsRules.Add(corsRule); blobClient.SetServiceProperties(properties); } catch (Exception ex) { logger.Error(ex); return "Failed due to Incorrect Account Name or Key."; } return "Enabling CORS Succeed"; }
private static CorsRule Clone(CorsRule rule) { throw new NotImplementedException(); }
public async Task CloudQueueTestCorsMaxOriginsAsync() { CorsRule ruleManyOrigins = new CorsRule() { AllowedMethods = CorsHttpMethods.Get, }; // Add maximum number of allowed origins for (int i = 0; i < 64; i++) { ruleManyOrigins.AllowedOrigins.Add("www.xyz" + i + ".com"); } CloudQueueClient client = GenerateCloudQueueClient(); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleManyOrigins }); ruleManyOrigins.AllowedOrigins.Add("www.xyz64.com"); OperationContext context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await this.TestCorsRulesAsync(client, context, new List<CorsRule>() { ruleManyOrigins }), context, "A maximum of 64 origins are allowed.", HttpStatusCode.BadRequest, "InvalidXmlNodeValue"); }
public void CloudFileTestCorsExpectedExceptions() { CorsRule ruleEmpty = new CorsRule(); CorsRule ruleInvalidMaxAge = new CorsRule() { AllowedOrigins = new List<string>() { "www.xyz.com" }, AllowedMethods = CorsHttpMethods.Get, MaxAgeInSeconds = -1 }; CloudFileClient client = GenerateCloudFileClient(); TestHelper.ExpectedException<ArgumentException>( () => this.TestCorsRules(client, new List<CorsRule>() { ruleEmpty }), "Empty CORS Rules are not supported."); TestHelper.ExpectedException<ArgumentException>( () => this.TestCorsRules(client, new List<CorsRule>() { ruleInvalidMaxAge }), "MaxAgeInSeconds cannot have a value < 0."); }
/// <summary> /// Устанавливает нужные нам правила на сторедж /// </summary> public static void SetStorageRules() { //опишем правила для корса CorsRule corsRule = new CorsRule { //Список разрешенных доменов AllowedOrigins = new List<string> { "*", //разрешить доступ везде //"http://allowed.domain.com", //"https://allowed.domain.com" }, //разрешенные заголовки, спецефичные для стореджа x-ms-blob-type, x-ms-blob-content-type AllowedHeaders = new List<string> { "x-ms-blob-*", "content-type", "accept" }, //разрешить собственно запись AllowedMethods = CorsHttpMethods.Put, //Сколько кэшировать данные о корсе MaxAgeInSeconds=sasTtl*60 }; //создадим правила для стореджа ServiceProperties serviceProperties = new ServiceProperties { //обязательно такая (или новее, когда появится) - только у неё появился CORS DefaultServiceVersion = "2013-08-15", //вообще, следующие свойства не обязательные, но без них NullReference exception //установим их в дефолты Logging = new LoggingProperties { Version = "1.0", LoggingOperations = LoggingOperations.None }, HourMetrics = new MetricsProperties { Version = "1.0", MetricsLevel = MetricsLevel.None }, MinuteMetrics = new MetricsProperties { Version = "1.0", MetricsLevel = MetricsLevel.None } }; //добавим правило для корса serviceProperties.Cors.CorsRules.Add(corsRule); CloudBlobClient storageClient = GetClient(); //установим значения свойств для сервиса, достачно сделать один раз storageClient.SetServiceProperties(serviceProperties); //создадим контейнер CloudBlobContainer container = storageClient.GetContainerReference(containerName); container.CreateIfNotExists(); }
public async Task<IEnumerable<string>> EnsureCorsIsEnabledAsync(params string[] origins) { var storageAccount = new CloudStorageAccount(new StorageCredentials(Context.DefaultStorageAccount.Name, Settings.StorageAccountKey), false); var client = storageAccount.CreateCloudBlobClient(); var serviceProperties = await client.GetServicePropertiesAsync().ConfigureAwait(continueOnCapturedContext: false); var requiredHeaders = new[] { "accept", "x-ms-blob-content-type", "x-ms-blob-type", "x-ms-date", "x-ms-version", "content-disposition", "content-length", "content-range", "content-type" }; var requiredMethods = CorsHttpMethods.Put | CorsHttpMethods.Options; if (serviceProperties.Cors == null) serviceProperties.Cors = new CorsProperties(); var rule = FindBestMatchingRule(serviceProperties, requiredHeaders, requiredMethods, origins); if (rule == null) { rule = new CorsRule { AllowedHeaders = requiredHeaders, AllowedMethods = requiredMethods, AllowedOrigins = new List<string>(), ExposedHeaders = new List<string> { "*" }, MaxAgeInSeconds = 1800 // 30 minutes }; serviceProperties.Cors.CorsRules.Add(rule); Logger.Information("A new CORS rule has been added to the configured WAMS instance."); } var addedOrigins = new List<string>(); var settingsChanged = false; foreach (var origin in origins.Where(origin => !rule.AllowedOrigins.Contains(origin, StringComparer.OrdinalIgnoreCase))) { rule.AllowedOrigins.Add(origin); addedOrigins.Add(origin); settingsChanged = true; Logger.Information("The following CORS origins were added to the configured WAMS instance: {0}", origin); } if (settingsChanged) await client.SetServicePropertiesAsync(serviceProperties).ConfigureAwait(continueOnCapturedContext: false); return addedOrigins.AsEnumerable(); }
private static void SetCors(CloudStorageAccount storageAccount) { if(CorsActive) return; var blobClient = storageAccount.CreateCloudBlobClient(); Console.WriteLine("Storage Account: " + storageAccount.BlobEndpoint); var newProperties = blobClient.GetServiceProperties(); newProperties.Cors.CorsRules.Clear(); newProperties.DefaultServiceVersion = "2013-08-15"; var ruleWideOpenWriter = new CorsRule() { AllowedHeaders = ALLOWED_CORS_HEADERS, AllowedOrigins = ALLOWED_CORS_ORIGINS, AllowedMethods = ALLOWED_CORS_METHODS, MaxAgeInSeconds = (int)TimeSpan.FromDays(AppSettings.UploadSasTime).TotalSeconds }; newProperties.Cors.CorsRules.Add(ruleWideOpenWriter); blobClient.SetServiceProperties(newProperties); CorsActive = true; }
public async Task CloudQueueTestCorsExpectedExceptionsAsync() { CorsRule ruleEmpty = new CorsRule(); CorsRule ruleInvalidMaxAge = new CorsRule() { AllowedOrigins = new List<string>() { "www.xyz.com" }, AllowedMethods = CorsHttpMethods.Get, MaxAgeInSeconds = -1 }; CloudQueueClient client = GenerateCloudQueueClient(); await TestHelper.ExpectedExceptionAsync<ArgumentException>( async () => await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleEmpty }), "Empty CORS Rules are not supported."); await TestHelper.ExpectedExceptionAsync<ArgumentException>( async () => await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleInvalidMaxAge }), "MaxAgeInSeconds cannot have a value < 0."); }
/// <summary> /// Query the Cross-Origin Resource Sharing (CORS) rules for the Queue service /// </summary> /// <param name="queueClient"></param> private static async Task CorsSample(CloudQueueClient queueClient) { Console.WriteLine(); // Get service properties Console.WriteLine("Get service properties"); ServiceProperties originalProperties = await queueClient.GetServicePropertiesAsync(); try { // Add CORS rule Console.WriteLine("Add CORS rule"); CorsRule corsRule = new CorsRule { AllowedHeaders = new List<string> {"*"}, AllowedMethods = CorsHttpMethods.Get, AllowedOrigins = new List<string> {"*"}, ExposedHeaders = new List<string> {"*"}, MaxAgeInSeconds = 3600 }; ServiceProperties serviceProperties = await queueClient.GetServicePropertiesAsync(); serviceProperties.Cors.CorsRules.Add(corsRule); await queueClient.SetServicePropertiesAsync(serviceProperties); } finally { // Revert back to original service properties Console.WriteLine("Revert back to original service properties"); await queueClient.SetServicePropertiesAsync(originalProperties); } Console.WriteLine(); }
public async Task CloudQueueTestCorsMaxHeadersAsync() { CorsRule ruleManyHeaders = new CorsRule() { AllowedOrigins = new List<string>() { "www.xyz.com" }, AllowedMethods = CorsHttpMethods.Get, AllowedHeaders = new List<string>() { "x-ms-meta-target*", "x-ms-meta-other*" }, ExposedHeaders = new List<string>() { "x-ms-meta-data*", "x-ms-meta-source*" } }; // Add maximum number of non-prefixed headers for (int i = 0; i < 64; i++) { ruleManyHeaders.ExposedHeaders.Add("x-ms-meta-" + i); ruleManyHeaders.AllowedHeaders.Add("x-ms-meta-" + i); } CloudQueueClient client = GenerateCloudQueueClient(); await this.TestCorsRulesAsync(client, null, new List<CorsRule>() { ruleManyHeaders }); // Test with too many Exposed Headers (65) ruleManyHeaders.ExposedHeaders.Add("x-ms-meta-toomany"); OperationContext context = new OperationContext(); await TestHelper.ExpectedExceptionAsync( async () => await this.TestCorsRulesAsync(client, context, new List<CorsRule>() { ruleManyHeaders }), context, "A maximum of 64 literal exposed headers are allowed.", HttpStatusCode.BadRequest, "InvalidXmlNodeValue"); ruleManyHeaders.ExposedHeaders.Remove("x-ms-meta-toomany"); // Test with too many Allowed Headers (65) ruleManyHeaders.AllowedHeaders.Add("x-ms-meta-toomany"); await TestHelper.ExpectedExceptionAsync( async () => await this.TestCorsRulesAsync(client, context, new List<CorsRule>() { ruleManyHeaders }), context, "A maximum of 64 literal allowed headers are allowed.", HttpStatusCode.BadRequest, "InvalidXmlNodeValue"); ruleManyHeaders.AllowedHeaders.Remove("x-ms-meta-toomany"); // Test with too many Exposed Prefixed Headers (three) ruleManyHeaders.ExposedHeaders.Add("x-ms-meta-toomany*"); await TestHelper.ExpectedExceptionAsync( async () => await this.TestCorsRulesAsync(client, context, new List<CorsRule>() { ruleManyHeaders }), context, "A maximum of two prefixed exposed headers are allowed.", HttpStatusCode.BadRequest, "InvalidXmlNodeValue"); ruleManyHeaders.ExposedHeaders.Remove("x-ms-meta-toomany*"); // Test with too many Allowed Prefixed Headers (three) ruleManyHeaders.AllowedHeaders.Add("x-ms-meta-toomany*"); await TestHelper.ExpectedExceptionAsync( async () => await this.TestCorsRulesAsync(client, context, new List<CorsRule>() { ruleManyHeaders }), context, "A maximum of two prefixed allowed headers are allowed.", HttpStatusCode.BadRequest, "InvalidXmlNodeValue"); ruleManyHeaders.AllowedHeaders.Remove("x-ms-meta-toomany*"); }
public void TestSetServicePropertiesWithoutMetricsAndLoggingProperties() { ServiceProperties serviceProperties = new ServiceProperties(cors: new CorsProperties()); Microsoft.WindowsAzure.Storage.Shared.Protocol.CorsRule rule = new Microsoft.WindowsAzure.Storage.Shared.Protocol.CorsRule(); rule.AllowedHeaders.Add("x-ms-meta-xyz"); rule.AllowedHeaders.Add("x-ms-meta-data*"); rule.AllowedMethods = CorsHttpMethods.Get | CorsHttpMethods.Put; rule.ExposedHeaders.Add("x-ms-meta-source*"); rule.AllowedOrigins.Add("*"); rule.AllowedMethods = CorsHttpMethods.Get; serviceProperties.Cors.CorsRules.Add(rule); client.SetServiceProperties(serviceProperties); }