arno/isso
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

handle OPTIONS request and return CORS headers

Browse Source
This commit is contained in:
Martin Zimmermann 2013-11-03 15:18:04 +01:00
parent fe63a76960
commit d59fc2ef8e
1 changed files with 24 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
isso/__init__.py
View File

@ -46,6 +46,7 @@ import misaka
from itsdangerous import URLSafeTimedSerializer from itsdangerous import URLSafeTimedSerializer
from werkzeug.routing import Map, Rule from werkzeug.routing import Map, Rule
from werkzeug.wrappers import Response
from werkzeug.exceptions import HTTPException, InternalServerError from werkzeug.exceptions import HTTPException, InternalServerError
from werkzeug.wsgi import SharedDataMiddleware from werkzeug.wsgi import SharedDataMiddleware
@ -83,6 +84,23 @@ class Isso(object):
Rule('/check-ip', endpoint=views.comment.checkip) Rule('/check-ip', endpoint=views.comment.checkip)
]) ])
@classmethod
def CORS(cls, request, response, hosts):
for host in hosts:
if request.environ.get("HTTP_ORIGIN", None) == host.rstrip("/"):
origin = host.rstrip("/")
break
else:
origin = host.rstrip("/")
hdrs = response.headers
hdrs["Access-Control-Allow-Origin"] = origin
hdrs["Access-Control-Allow-Headers"] = "Origin, Content-Type"
hdrs["Access-Control-Allow-Credentials"] = "true"
hdrs["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE"
return response
def __init__(self, conf): def __init__(self, conf):
self.conf = conf self.conf = conf
@ -103,7 +121,12 @@ class Isso(object):
| misaka.HTML_SKIP_HTML | misaka.HTML_SKIP_IMAGES | misaka.HTML_SAFELINK) | misaka.HTML_SKIP_HTML | misaka.HTML_SKIP_IMAGES | misaka.HTML_SAFELINK)
def dispatch(self, request): def dispatch(self, request):
if request.method == "OPTIONS":
return Isso.CORS(request, Response("", 200), self.conf.getiter("general", "host"))
adapter = Isso.urls.bind_to_environ(request.environ) adapter = Isso.urls.bind_to_environ(request.environ)
try: try:
handler, values = adapter.match() handler, values = adapter.match()
except HTTPException as e: except HTTPException as e:
@ -117,20 +140,7 @@ class Isso(object):
logger.exception("%s %s", request.method, request.environ["PATH_INFO"]) logger.exception("%s %s", request.method, request.environ["PATH_INFO"])
return InternalServerError() return InternalServerError()
for host in self.conf.getiter('general', 'host'): return Isso.CORS(request, response, self.conf.getiter("general", "host"))
if request.environ.get("HTTP_ORIGIN", None) == host.rstrip("/"):
origin = host.rstrip("/")
break
else:
origin = host.rstrip("/")
hdrs = response.headers
hdrs["Access-Control-Allow-Origin"] = origin
hdrs["Access-Control-Allow-Headers"] = "Origin, Content-Type"
hdrs["Access-Control-Allow-Credentials"] = "true"
hdrs["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE"
return response
def wsgi_app(self, environ, start_response): def wsgi_app(self, environ, start_response):