corsair 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.rubocop.yml +17 -0
- data/Gemfile +2 -0
- data/Gemfile.lock +17 -0
- data/MIT-LICENSE +20 -0
- data/README.md +29 -0
- data/Rakefile +11 -0
- data/corsair.gemspec +24 -0
- data/lib/corsair.rb +43 -0
- data/lib/corsair/version.rb +5 -0
- data/test/unit/cors_test.rb +30 -0
- metadata +84 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 1760dcbab186f4c95221bf3010fcf4e2124ed415
|
4
|
+
data.tar.gz: 3cfd03d0d96a811868ba79e057ba255dc59179e9
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 2a73b86d31a17ca6a0d2532c5c94d5e2d2a3ecfa5d40c62cbf6dd75c380f81e505388d178555f71ba7cebabe13b5626b5d8b2051cf584ad7da5fd96641cedfca
|
7
|
+
data.tar.gz: 328a999a606e34cf4fd85d22576ba33abf03d7ea644fe205c31215234fd11795a3029ee97718ea787f4a4ca6db6515d9a0219be2ed1609ee1f7a288028da654d
|
data/.rubocop.yml
ADDED
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2015 Varvet
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
# Corsair
|
2
|
+
|
3
|
+
A Rack middleware that adds the simple request CORS Access-Control-Allow-Origin header to your application, even if the app raised an exception.
|
4
|
+
|
5
|
+
## Installation
|
6
|
+
|
7
|
+
Require Corsair in your application's Gemfile:
|
8
|
+
```ruby
|
9
|
+
gem "corsair"
|
10
|
+
```
|
11
|
+
|
12
|
+
In order for Corsair to do its thing it needs to be at the top of the middleware stack. For Rails, this will work nicely in your application.rb:
|
13
|
+
```ruby
|
14
|
+
config.middleware.insert_before 0, "Rack::Corsair"
|
15
|
+
```
|
16
|
+
|
17
|
+
## Options
|
18
|
+
|
19
|
+
By default, Corsair will add `Access-Control-Allow-Origin: *` to all your response headers. You can currently control which domain gets added instead of `*`, and which resources get the header added. You pass those options in a block, like this:
|
20
|
+
```ruby
|
21
|
+
config.middleware.insert_before 0, "Rack::Corsair" do |corsair|
|
22
|
+
corsair.allow_origin "*"
|
23
|
+
corsair.allow_resource :things
|
24
|
+
end
|
25
|
+
```
|
26
|
+
|
27
|
+
## License
|
28
|
+
|
29
|
+
Licensed under the MIT license. See the separate MIT-LICENSE file.
|
data/Rakefile
ADDED
data/corsair.gemspec
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
$:.push File.expand_path("../lib", __FILE__)
|
2
|
+
|
3
|
+
# Maintain your gem's version:
|
4
|
+
require "corsair/version"
|
5
|
+
|
6
|
+
# Describe your gem and declare its dependencies:
|
7
|
+
Gem::Specification.new do |gem|
|
8
|
+
gem.name = "corsair"
|
9
|
+
gem.version = Rack::Corsair::VERSION
|
10
|
+
gem.authors = ["Varvet"]
|
11
|
+
gem.email = ["info@varvet.se"]
|
12
|
+
gem.homepage = "https://github.com/varvet/corsair"
|
13
|
+
gem.summary = "Rack middleware for CORS responses in simple requests"
|
14
|
+
gem.description = "Corsair adds Access-Control-Allow-Origin to the response headers, even if your app raises an error."
|
15
|
+
gem.license = "MIT"
|
16
|
+
|
17
|
+
gem.files = `git ls-files -z`.split("\x0")
|
18
|
+
gem.executables = gem.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
19
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
20
|
+
gem.require_paths = ["lib"]
|
21
|
+
|
22
|
+
gem.add_development_dependency "bundler", "~> 1.7"
|
23
|
+
gem.add_development_dependency "rake", "~> 10.0"
|
24
|
+
end
|
data/lib/corsair.rb
ADDED
@@ -0,0 +1,43 @@
|
|
1
|
+
module Rack
|
2
|
+
class Corsair
|
3
|
+
def initialize(app, &block)
|
4
|
+
@app = app
|
5
|
+
@origin = "*"
|
6
|
+
@resources = []
|
7
|
+
block.call(self) if block_given?
|
8
|
+
end
|
9
|
+
|
10
|
+
def call(env)
|
11
|
+
req = Rack::Request.new(env)
|
12
|
+
status, headers, response = @app.call(env)
|
13
|
+
|
14
|
+
if resource_allowed?(req)
|
15
|
+
[status, headers.merge(cors_headers), response]
|
16
|
+
else
|
17
|
+
[status, headers, response]
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def allow_origin(origin)
|
22
|
+
@origin = origin
|
23
|
+
end
|
24
|
+
|
25
|
+
def allow_resource(resource)
|
26
|
+
@resources << resource.to_s
|
27
|
+
end
|
28
|
+
|
29
|
+
private
|
30
|
+
|
31
|
+
def resource_allowed?(req)
|
32
|
+
return true if @resources.empty?
|
33
|
+
resource = req.env["PATH_INFO"].split("/")[1]
|
34
|
+
@resources.include?(resource)
|
35
|
+
end
|
36
|
+
|
37
|
+
def cors_headers
|
38
|
+
{
|
39
|
+
"Access-Control-Allow-Origin" => @origin
|
40
|
+
}
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require "minitest/autorun"
|
2
|
+
require "rack/test"
|
3
|
+
require "corsair"
|
4
|
+
|
5
|
+
describe Rack::Corsair do
|
6
|
+
include Rack::Test::Methods
|
7
|
+
|
8
|
+
def app
|
9
|
+
app = Rack::Builder.new do
|
10
|
+
map "/things/1" do
|
11
|
+
run proc { [200, { "Content-Type" => "application/json" }, "{ \"status\": 200 }"] }
|
12
|
+
end
|
13
|
+
map "/things/1000" do
|
14
|
+
run proc { [404, { "Content-Type" => "application/json" }, "{ \"status\": 404 }"] }
|
15
|
+
end
|
16
|
+
end.to_app
|
17
|
+
|
18
|
+
Rack::Corsair.new(app)
|
19
|
+
end
|
20
|
+
|
21
|
+
it "gets access-control-allow-origin header on a 200" do
|
22
|
+
get "/things/1"
|
23
|
+
assert_equal last_response.original_headers["Access-Control-Allow-Origin"], "*"
|
24
|
+
end
|
25
|
+
|
26
|
+
it "gets access-control-allow-origin header on a 404" do
|
27
|
+
get "/things/1000"
|
28
|
+
assert_equal last_response.original_headers["Access-Control-Allow-Origin"], "*"
|
29
|
+
end
|
30
|
+
end
|
metadata
ADDED
@@ -0,0 +1,84 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: corsair
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Varvet
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-02-20 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.7'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.7'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '10.0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '10.0'
|
41
|
+
description: Corsair adds Access-Control-Allow-Origin to the response headers, even
|
42
|
+
if your app raises an error.
|
43
|
+
email:
|
44
|
+
- info@varvet.se
|
45
|
+
executables: []
|
46
|
+
extensions: []
|
47
|
+
extra_rdoc_files: []
|
48
|
+
files:
|
49
|
+
- ".rubocop.yml"
|
50
|
+
- Gemfile
|
51
|
+
- Gemfile.lock
|
52
|
+
- MIT-LICENSE
|
53
|
+
- README.md
|
54
|
+
- Rakefile
|
55
|
+
- corsair.gemspec
|
56
|
+
- lib/corsair.rb
|
57
|
+
- lib/corsair/version.rb
|
58
|
+
- test/unit/cors_test.rb
|
59
|
+
homepage: https://github.com/varvet/corsair
|
60
|
+
licenses:
|
61
|
+
- MIT
|
62
|
+
metadata: {}
|
63
|
+
post_install_message:
|
64
|
+
rdoc_options: []
|
65
|
+
require_paths:
|
66
|
+
- lib
|
67
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
68
|
+
requirements:
|
69
|
+
- - ">="
|
70
|
+
- !ruby/object:Gem::Version
|
71
|
+
version: '0'
|
72
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
73
|
+
requirements:
|
74
|
+
- - ">="
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: '0'
|
77
|
+
requirements: []
|
78
|
+
rubyforge_project:
|
79
|
+
rubygems_version: 2.2.0
|
80
|
+
signing_key:
|
81
|
+
specification_version: 4
|
82
|
+
summary: Rack middleware for CORS responses in simple requests
|
83
|
+
test_files:
|
84
|
+
- test/unit/cors_test.rb
|