Add X-Trace-Verbosity header for tracing (ydb-platform#7183)

astandrik · adameat · commit 1d7b521f4a3b · 2024-10-03T05:36:30.000Z
diff --git a/ydb/core/viewer/viewer.cpp b/ydb/core/viewer/viewer.cpp
@@ -536,12 +536,36 @@ class TViewer : public TActorBootstrapped<TViewer>, public IViewer {
             if (type.empty()) {
                 type = "application/json";
             }
-            TStringBuilder response;
-            response << "HTTP/1.1 204 No Content\r\n";
-            FillCORS(response, msg);
-            response << "Content-Type: " + type + "\r\n"
-                        "Connection: Keep-Alive\r\n\r\n";
-            Send(ev->Sender, new NMon::TEvHttpInfoRes(response, 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+            if (AllowOrigin) {
+                ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes(
+                    "HTTP/1.1 204 No Content\r\n"
+                    "Access-Control-Allow-Origin: " + AllowOrigin + "\r\n"
+                    "Access-Control-Allow-Credentials: true\r\n"
+                    "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept,X-Trace-Verbosity,X-Want-Trace\r\n"
+                    "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n"
+                    "Allow: OPTIONS, GET, POST\r\n"
+                    "Content-Type: " + type + "\r\n"
+                    "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+            } else {
+                TString origin = TString(msg->Request.GetHeader("Origin"));
+                if (!origin.empty()) {
+                    ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes(
+                        "HTTP/1.1 204 No Content\r\n"
+                        "Access-Control-Allow-Origin: " + origin + "\r\n"
+                        "Access-Control-Allow-Credentials: true\r\n"
+                        "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept,X-Trace-Verbosity,X-Want-Trace\r\n"
+                        "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n"
+                        "Allow: OPTIONS, GET, POST\r\n"
+                        "Content-Type: " + type + "\r\n"
+                        "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+                } else {
+                    ctx.Send(ev->Sender, new NMon::TEvHttpInfoRes(
+                        "HTTP/1.1 204 No Content\r\n"
+                        "Allow: OPTIONS, GET, POST\r\n"
+                        "Content-Type: " + type + "\r\n"
+                        "Connection: Keep-Alive\r\n\r\n", 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+                }
+            }
             return;
         }
         TString path("/" + msg->Request.GetPage()->Path + msg->Request.GetPathInfo());
@@ -652,8 +676,7 @@ void TViewer::FillCORS(TStringBuilder& stream, const TRequestState& request) {
         stream << "Access-Control-Allow-Origin: " << origin << "\r\n"
                << "Access-Control-Allow-Credentials: true\r\n"
                << "Access-Control-Allow-Headers: Content-Type,Authorization,Origin,Accept,X-Trace-Verbosity,X-Want-Trace\r\n"
-               << "Access-Control-Allow-Methods: OPTIONS, GET, POST, DELETE\r\n"
-               << "Allow: OPTIONS, GET, POST, DELETE\r\n";
+               << "Access-Control-Allow-Methods: OPTIONS, GET, POST\r\n";
     }
 }
 
