From af6695e935d48e9ce1cf4ed6f53371cd01fc0f4d Mon Sep 17 00:00:00 2001
From: Martin Zimmermann <info@posativ.org>
Date: Tue, 5 Nov 2013 13:33:04 +0100
Subject: [PATCH] lowercase MiddleWare and fix TypeError in Headers

---
 isso/__init__.py   |  2 +-
 isso/wsgi.py       | 18 +++++++++++-------
 specs/test_cors.py |  8 +++++---
 3 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/isso/__init__.py b/isso/__init__.py
index 7cfacd1..19b9403 100644
--- a/isso/__init__.py
+++ b/isso/__init__.py
@@ -174,7 +174,7 @@ def make_app(conf=None):
 
     app = ProxyFix(
             wsgi.SubURI(
-                wsgi.CORSMiddleWare(
+                wsgi.CORSMiddleware(
                     SharedDataMiddleware(isso, {
                         '/js': join(dirname(__file__), 'js/'),
                         '/css': join(dirname(__file__), 'css/')}),
diff --git a/isso/wsgi.py b/isso/wsgi.py
index 19690f6..4acd81f 100644
--- a/isso/wsgi.py
+++ b/isso/wsgi.py
@@ -1,5 +1,8 @@
 # -*- encoding: utf-8 -*-
 
+from werkzeug.datastructures import Headers
+
+
 class SubURI(object):
 
     def __init__(self, app):
@@ -17,7 +20,7 @@ class SubURI(object):
         return self.app(environ, start_response)
 
 
-class CORSMiddleWare(object):
+class CORSMiddleware(object):
 
     def __init__(self, app, hosts):
         self.app = app
@@ -34,12 +37,13 @@ class CORSMiddleWare(object):
             else:
                 origin = host.rstrip("/")
 
-            headers.append(("Access-Control-Allow-Origin", origin))
-            headers.append(("Access-Control-Allow-Headers", "Origin, Content-Type"))
-            headers.append(("Access-Control-Allow-Credentials", "true"))
-            headers.append(("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE"))
-            headers.append(("Access-Control-Expose-Headers", "X-Set-Cookie"))
-            return start_response(status, headers, exc_info)
+            headers = Headers(headers)
+            headers.add("Access-Control-Allow-Origin", origin)
+            headers.add("Access-Control-Allow-Headers", "Origin, Content-Type")
+            headers.add("Access-Control-Allow-Credentials", "true")
+            headers.add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE")
+            headers.add("Access-Control-Expose-Headers", "X-Set-Cookie")
+            return start_response(status, headers.to_list(), exc_info)
 
         if environ.get("REQUEST_METHOD") == "OPTIONS":
             add_cors_headers("200 Ok", [("Content-Type", "text/plain")])
diff --git a/specs/test_cors.py b/specs/test_cors.py
index eea4e4c..b7a1e0c 100644
--- a/specs/test_cors.py
+++ b/specs/test_cors.py
@@ -1,8 +1,10 @@
 
+from __future__ import unicode_literals
+
 from werkzeug.test import Client
 from werkzeug.wrappers import Response
 
-from isso.wsgi import CORSMiddleWare
+from isso.wsgi import CORSMiddleware
 
 
 def hello_world(environ, start_response):
@@ -12,7 +14,7 @@ def hello_world(environ, start_response):
 
 def test_simple_CORS():
 
-    app = CORSMiddleWare(hello_world, hosts=[
+    app = CORSMiddleware(hello_world, hosts=[
         "https://example.tld/",
         "http://example.tld/",
         "http://example.tld",
@@ -40,7 +42,7 @@ def test_simple_CORS():
 
 def test_preflight_CORS():
 
-    app = CORSMiddleWare(hello_world, hosts=["http://example.tld"])
+    app = CORSMiddleware(hello_world, hosts=["http://example.tld"])
     client = Client(app, Response)
 
     rv = client.open(method="OPTIONS", path="/", headers={"ORIGIN": "http://example.tld"})