mrpastewart/platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
platform/lib/angel_cors.dart

83 lines
2.6 KiB
Dart
Raw Normal View History

Failing, but...
2016-12-05 02:16:54 +00:00
/// Angel CORS middleware.
library angel_cors;
import 'package:angel_framework/angel_framework.dart';
import 'src/cors_options.dart';
export 'src/cors_options.dart';
/// Determines if a request origin is CORS-able.
typedef bool CorsFilter(String origin);
bool _isOriginAllowed(String origin, allowedOrigin) {
+2
2017-11-18 17:30:39 +00:00
allowedOrigin ??= [];
Failing, but...
2016-12-05 02:16:54 +00:00
if (allowedOrigin is List) {
return allowedOrigin.any((x) => _isOriginAllowed(origin, x));
} else if (allowedOrigin is String) {
return origin == allowedOrigin;
} else if (allowedOrigin is RegExp) {
+2
2017-11-18 17:30:39 +00:00
return origin != null && allowedOrigin.hasMatch(origin);
} else if (origin != null && allowedOrigin is CorsFilter) {
Failing, but...
2016-12-05 02:16:54 +00:00
return allowedOrigin(origin);
} else {
return allowedOrigin != false;
}
}
/// Applies the given [CorsOptions].
RequestMiddleware cors([CorsOptions options]) {
final opts = options ?? new CorsOptions();
return (RequestContext req, ResponseContext res) async {
// Access-Control-Allow-Credentials
if (opts.credentials == true) {
+2
2017-11-18 17:30:39 +00:00
res.headers['Access-Control-Allow-Credentials'] = 'true';
Failing, but...
2016-12-05 02:16:54 +00:00
}
// Access-Control-Allow-Headers
Welcome to Hollywood...
2016-12-05 05:15:28 +00:00
if (req.method == 'OPTIONS' && opts.allowedHeaders.isNotEmpty) {
:)
2016-12-21 17:43:42 +00:00
res.headers['Access-Control-Allow-Headers'] =
opts.allowedHeaders.join(',');
+1
2017-04-15 19:45:29 +00:00
} else if (req.headers['Access-Control-Request-Headers'] != null) {
:)
2016-12-21 17:43:42 +00:00
res.headers['Access-Control-Allow-Headers'] =
+1
2017-04-15 19:45:29 +00:00
req.headers.value('Access-Control-Request-Headers');
Failing, but...
2016-12-05 02:16:54 +00:00
}
// Access-Control-Expose-Headers
if (opts.exposedHeaders.isNotEmpty) {
:)
2016-12-21 17:43:42 +00:00
res.headers['Access-Control-Expose-Headers'] =
opts.exposedHeaders.join(',');
Failing, but...
2016-12-05 02:16:54 +00:00
}
// Access-Control-Allow-Methods
Welcome to Hollywood...
2016-12-05 05:15:28 +00:00
if (req.method == 'OPTIONS' && opts.methods.isNotEmpty) {
:)
2016-12-21 17:43:42 +00:00
res.headers['Access-Control-Allow-Methods'] = opts.methods.join(',');
Failing, but...
2016-12-05 02:16:54 +00:00
}
// Access-Control-Max-Age
Welcome to Hollywood...
2016-12-05 05:15:28 +00:00
if (req.method == 'OPTIONS' && opts.maxAge != null) {
:)
2016-12-21 17:43:42 +00:00
res.headers['Access-Control-Max-Age'] = opts.maxAge.toString();
Failing, but...
2016-12-05 02:16:54 +00:00
}
// Access-Control-Allow-Origin
if (opts.origin == false || opts.origin == '*') {
:)
2016-12-21 17:43:42 +00:00
res.headers['Access-Control-Allow-Origin'] = '*';
Failing, but...
2016-12-05 02:16:54 +00:00
} else if (opts.origin is String) {
res
:)
2016-12-21 17:43:42 +00:00
..headers['Access-Control-Allow-Origin'] = opts.origin
..headers['Vary'] = 'Origin';
Failing, but...
2016-12-05 02:16:54 +00:00
} else {
bool isAllowed =
_isOriginAllowed(req.headers.value('Origin'), opts.origin);
:)
2016-12-21 17:43:42 +00:00
res.headers['Access-Control-Allow-Origin'] =
isAllowed ? req.headers.value('Origin') : false.toString();
Failing, but...
2016-12-05 02:16:54 +00:00
if (isAllowed) {
:)
2016-12-21 17:43:42 +00:00
res.headers['Vary'] = 'Origin';
Failing, but...
2016-12-05 02:16:54 +00:00
}
}
Welcome to Hollywood...
2016-12-05 05:15:28 +00:00
return req.method != 'OPTIONS' || opts.preflightContinue;
Failing, but...
2016-12-05 02:16:54 +00:00
};
}
Reference in a new issue Copy permalink