From 0f7516edb4d3fdd800af4827a9aac1da170278f6 Mon Sep 17 00:00:00 2001 From: Martin Zimmermann Date: Thu, 12 Sep 2013 19:10:38 +0200 Subject: [PATCH] always announce CORS, fix 3218e16 --- isso/__init__.py | 12 +++++++----- isso/utils.py | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/isso/__init__.py b/isso/__init__.py index be0fb63..8c26aa4 100644 --- a/isso/__init__.py +++ b/isso/__init__.py @@ -68,7 +68,7 @@ class Isso(object): def __init__(self, dbpath, secret, origin, max_age, passphrase): self.DBPATH = dbpath - self.ORIGIN = utils.normalize(origin) + self.ORIGIN = origin self.PASSPHRASE = passphrase self.MAX_AGE = max_age @@ -103,10 +103,7 @@ class Isso(object): except NotFound as e: return Response('Not Found', 404) except MethodNotAllowed: - return Response("", 200, headers={ - "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE", - "Access-Control-Allow-Headers": "Origin, Content-Type" - }) + return Response("Yup.", 200) except HTTPException as e: return e except InternalServerError as e: @@ -114,6 +111,11 @@ class Isso(object): def wsgi_app(self, environ, start_response): response = self.dispatch(Request(environ), start_response) + if hasattr(response, 'headers'): + response.headers["Access-Control-Allow-Origin"] = self.ORIGIN.rstrip('/') + response.headers["Access-Control-Allow-Headers"] = "Origin, Content-Type" + response.headers["Access-Control-Allow-Credentials"] = "true" + response.headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE" return response(environ, start_response) def __call__(self, environ, start_response): diff --git a/isso/utils.py b/isso/utils.py index a25fd0b..f1b3cfb 100644 --- a/isso/utils.py +++ b/isso/utils.py @@ -33,7 +33,7 @@ class IssoEncoder(json.JSONEncoder): def urlexists(host, path): with contextlib.closing(httplib.HTTPConnection(host)) as con: try: - con.request('HEAD', path) + con.request('HEAD', normalize(path)) except socket.error: return False return con.getresponse().status == 200