You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ja...@apache.org on 2012/11/08 23:44:11 UTC
[7/15] git commit: simplify handling of Allow-Credentials
simplify handling of Allow-Credentials
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/07ed30f0
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/07ed30f0
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/07ed30f0
Branch: refs/heads/431-feature_cors
Commit: 07ed30f02aa33ac18a45be1070263f07de925d8a
Parents: 63e93a3
Author: Jan Lehnardt <ja...@apache.org>
Authored: Thu Nov 8 22:50:07 2012 +0100
Committer: Jan Lehnardt <ja...@apache.org>
Committed: Thu Nov 8 23:37:34 2012 +0100
----------------------------------------------------------------------
src/couchdb/couch_httpd_cors.erl | 37 ++++++++++++++------------------
1 files changed, 16 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb/blob/07ed30f0/src/couchdb/couch_httpd_cors.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_cors.erl b/src/couchdb/couch_httpd_cors.erl
index e14917f..c3caa5c 100644
--- a/src/couchdb/couch_httpd_cors.erl
+++ b/src/couchdb/couch_httpd_cors.erl
@@ -82,14 +82,8 @@ handle_cors_headers(Origin, Host, AcceptedOrigins) ->
make_cors_header(Origin, Host) ->
- Credentials = credentials(Origin, Host),
- [{"Access-Control-Allow-Origin", Origin}]
- ++ make_cors_header_credentials(Credentials).
-
-make_cors_header_credentials(true) ->
- [{"Access-Control-Allow-Credentials", "true"}];
-make_cors_header_credentials(false) ->
- [].
+ Headers = [{"Access-Control-Allow-Origin", Origin}],
+ maybe_add_credentials(Origin, Host, Headers).
preflight_request(MochiReq) ->
Host = couch_httpd_vhost:host(MochiReq),
@@ -130,19 +124,11 @@ handle_preflight_request(Origin, Host, MochiReq) ->
% get max age
MaxAge = cors_config(Host, "max_age", ?CORS_DEFAULT_MAX_AGE),
- PreflightHeaders0 = case credentials(Origin, Host) of
- true ->
- [{"Access-Control-Allow-Origin", Origin},
- {"Access-Control-Allow-Credentials", "true"},
- {"Access-Control-Max-Age", MaxAge},
- {"Access-Control-Allow-Methods", string:join(SupportedMethods,
- ", ")}];
- false ->
- [{"Access-Control-Allow-Origin", Origin},
- {"Access-Control-Max-Age", MaxAge},
- {"Access-Control-Allow-Methods", string:join(SupportedMethods,
- ", ")}]
- end,
+ PreflightHeaders0 = maybe_add_credentials(Origin, Host, [
+ {"Access-Control-Allow-Origin", Origin},
+ {"Access-Control-Max-Age", MaxAge},
+ {"Access-Control-Allow-Methods",
+ string:join(SupportedMethods, ", ")}]),
case MochiReq:get_header_value("Access-Control-Request-Method") of
undefined ->
@@ -188,6 +174,15 @@ send_preflight_response(#httpd{mochi_req=MochiReq}=Req, Headers) ->
{ok, MochiReq:respond({204, Headers2, <<>>})}.
+maybe_add_credentials(Origin, Host, Headers) ->
+ maybe_add_credentials(Headers, credentials(Origin, Host)).
+
+maybe_add_credentials(Headers, false) ->
+ Headers;
+maybe_add_credentials(Headers, true) ->
+ Headers ++ [{"Access-Control-Allow-Credentials", "true"}].
+
+
credentials("*", _Host) ->
false;
credentials(_Origin, Host) ->