fix: panic in the config (#268)

On-behalf-of: @SAP [email protected]

Signed-off-by: Artem Shcherbatiuk <[email protected]>

Author: vertex451

cmd/root.go

@@ -67,8 +67,8 @@ func initConfig() {
 	v.SetDefault("gateway-handler-graphiql", true)
 	// Gateway CORS
 	v.SetDefault("gateway-cors-enabled", false)
-	v.SetDefault("gateway-cors-allowed-origins", []string{"*"})
-	v.SetDefault("gateway-cors-allowed-headers", []string{"*"})
+	v.SetDefault("gateway-cors-allowed-origins", "*")
+	v.SetDefault("gateway-cors-allowed-headers", "*")
 }
 
 func Execute() {

common/config/config.go

@@ -22,9 +22,9 @@ type Config struct {
 		} `mapstructure:",squash"`
 
 		Cors struct {
-			Enabled        bool     `mapstructure:"gateway-cors-enabled"`
-			AllowedOrigins []string `mapstructure:"gateway-cors-allowed-origins"`
-			AllowedHeaders []string `mapstructure:"gateway-cors-allowed-headers"`
+			Enabled        bool   `mapstructure:"gateway-cors-enabled"`
+			AllowedOrigins string `mapstructure:"gateway-cors-allowed-origins"`
+			AllowedHeaders string `mapstructure:"gateway-cors-allowed-headers"`
 		} `mapstructure:",squash"`
 	} `mapstructure:",squash"`
 }

gateway/manager/export_test.go

@@ -10,8 +10,8 @@ import (
 func NewManagerForTest() *Service {
 	cfg := appConfig.Config{}
 	cfg.Gateway.Cors.Enabled = true
-	cfg.Gateway.Cors.AllowedOrigins = []string{"*"}
-	cfg.Gateway.Cors.AllowedHeaders = []string{"Authorization"}
+	cfg.Gateway.Cors.AllowedOrigins = "*"
+	cfg.Gateway.Cors.AllowedHeaders = "Authorization"
 
 	s := &Service{
 		AppCfg:   cfg,

gateway/manager/handler.go

@@ -79,10 +79,8 @@ func (s *Service) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 func (s *Service) handleCORS(w http.ResponseWriter, r *http.Request) bool {
 	if s.AppCfg.Gateway.Cors.Enabled {
-		allowedOrigins := strings.Join(s.AppCfg.Gateway.Cors.AllowedOrigins, ",")
-		allowedHeaders := strings.Join(s.AppCfg.Gateway.Cors.AllowedHeaders, ",")
-		w.Header().Set("Access-Control-Allow-Origin", allowedOrigins)
-		w.Header().Set("Access-Control-Allow-Headers", allowedHeaders)
+		w.Header().Set("Access-Control-Allow-Origin", s.AppCfg.Gateway.Cors.AllowedOrigins)
+		w.Header().Set("Access-Control-Allow-Headers", s.AppCfg.Gateway.Cors.AllowedHeaders)
 		// setting cors allowed methods is not needed for this service,
 		// as all graphql methods are part of the cors safelisted methods
 		// https://fetch.spec.whatwg.org/#cors-safelisted-method