Strelka::App plugin module for Cross-Origin Resource Sharing (CORS)
class MyService < Strelka::App plugins :cors allow_origins '*' end # MyService
Resources:
Extension callback – extend the HTTPRequest class with Auth support when this plugin is loaded.
# File lib/strelka/app/cors.rb, line 59
def self::included( object )
self.log.debug "Extending Request with CORS mixin"
Strelka::HTTPRequest.class_eval { include Strelka::HTTPRequest::CORS }
Strelka::HTTPResponse.class_eval { include Strelka::HTTPResponse::CORS }
super
endHandle a CORS preflight request.
# File lib/strelka/app/cors.rb, line 87
def handle_preflight_request( request )
path = request.app_path
response = request.response
self.class.access_controls.each do |pattern, options|
self.log.debug "Applying access controls: %p (%p)" % [ pattern, options ]
# TODO: Skip requests that don't match options? E.g.,
# next unless options[:allowed_methods].include?( request.verb )
options[:block].call( request, response ) if
options[:block] && ( !pattern || path.match(pattern) )
end
response.add_cors_headers
response.status = 204
return response
endExtend handled requests with CORS stuff.
# File lib/strelka/app/cors.rb, line 68
def handle_request( request )
if request.origin
self.log.info "Request has an Origin (%p): applying CORS" % [ request.origin ]
response = if request.is_preflight?
self.log.debug "Preflight request for %s" % [ request.uri ]
self.handle_preflight_request( request )
else
request.response.add_cors_headers
super
end
return response
else
super
end
end