rack-cors-halt 0.0.1 → 0.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +8 -8
  2. data/README.md +52 -1
  3. data/lib/rack/cors/halt.rb +7 -1
  4. data/lib/rack/cors/halt/version.rb +1 -1
  5. data/rack-cors-halt.gemspec +12 -11
  6. metadata +4 -3
checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- NGQ5NGVmYWY3MmIzYmJhMjNiMGQyNGZjZDg5ODcyMzdkZTVkNjdjNQ==
4
+ MzU0NmVmNjQzMGNjNzcwMmM4NzgxZjMxYTc3OThmZjNmZGRkM2U3Zg==
5
5
  data.tar.gz: !binary |-
6
- NTQ0YmI3MTU5NDExOTFhZjc4MmNmZjI4YmUxNzAxZTA2ZjA1Zjg2NA==
6
+ OTMzMTg0YjU2MTFmZTM3MTU2N2Q0NDZlMDI1YWE1NGQ1MmY5Yjk3Ng==
7
7
  SHA512:
8
8
  metadata.gz: !binary |-
9
- MGI4N2I1NmJlZDM2MzFmY2NhZTA0Y2FkMjkxMzVhOWRmNzllOGIxYjk5ZTNk
10
- MzY3NjBkN2IzZDExZjVlYTljYjQyZjZlNDk2NDNkMDllYjE2NjIzYjBmZDM2
11
- ZDUxYWRlOTBmNGQ2MDZlOTRiZjUzNzU3YWJjYjk4NTM2YjM2YWQ=
9
+ OWYwMmNiNDU5M2RmNmRhYTYwNjBlN2JlY2ViYWMzMTM0ZDcwOGQ4ODc3OGFm
10
+ MDQ0Y2U4YmQ4YTg5NmI0Mzk0YWJmNjE3NTIzMTliODhjMmU1NGI0ZmY0NmMw
11
+ MDQwNWI0MGI3MzlkMDM4MzE1NmRhNzAxMDViNDNjNDVhNmRkNDc=
12
12
  data.tar.gz: !binary |-
13
- YzIwNmEyNjQ0NTZjNWUxM2VhNDA0NmZmOWY3NWJlZWY4YWZiZWEzOTZhNGI0
14
- YTJiM2ZjYTY5ZWUxMzc2ZjA4OTg0NzhkNDdhMjczNzQ4ZWU3MTExYTRhNjJh
15
- MWQ3ZGQ4MzZlNWU4NGQ2ZDJiM2Y5YzI1Njk5NzQ0MTRkYmYzN2E=
13
+ M2Y1Y2ZiM2ZlMTQ2OTg2YWUxOTc0OTA5MGIzMWU0YWNkMmEyM2FlYzcwOWRk
14
+ MzY4ZWFiODQzNTkyNmU5NDEzYjk3ZWY2OGUxZGFiYWVlNDY2YTAzMDZjYjFk
15
+ NjVjYWI2MDM4MmEyN2JlYjZhZTA5ZWE4ZDJmMTQzNGYzNzI1Y2M=
data/README.md CHANGED
@@ -1,4 +1,55 @@
1
1
  rack-cors-halt
2
2
  ==============
3
3
 
4
- Halt a CORS request before hitting the controller.
4
+ This gem provides support to prevent a request from hitting the controller when the CORS validation fails.
5
+
6
+
7
+ Important notice
8
+ ==============
9
+
10
+ This gem will only work for gem [Rack::Cors](https://github.com/cyu/rack-cors) at version '0.3.0'.
11
+ At this time, November 18th 2014, the '0.3.0' version is in the 'master' branch, so you need to include the gem like this
12
+ ```ruby
13
+ gem 'rack-cors', :require => 'rack/cors', github: "cyu/rack-cors", branch: 'master'
14
+ ```
15
+ ## Installation
16
+ In your `Gemfile` add the line
17
+
18
+ ```ruby
19
+ gem 'rack-cors-halt'
20
+ ```
21
+ and then run
22
+ ```
23
+ bundle
24
+ ```
25
+ or install it yourself with
26
+ ```
27
+ gem install rack-cors-halt
28
+ ```
29
+
30
+ ## Configuration
31
+
32
+ ### Rack
33
+
34
+ In the `config.ru`file you need to configure the `Rack::Cors::Halt` middleware by passing it in the `use` command:
35
+
36
+ ```ruby
37
+ use Rack::Cors::Halt
38
+ ```
39
+
40
+ ### Rails
41
+
42
+ In your `config/application.rb` you'll need something like this:
43
+
44
+ ```ruby
45
+ module YourApp
46
+ class Application < Rails::Application
47
+
48
+ # ...
49
+
50
+ config.middleware.insert_before 1, "Rack::Cors::Halt"
51
+
52
+ end
53
+ end
54
+ ```
55
+ why `.insert_before 1`? Typically the first middleware will be the `Rack::Cors` one, so the best approach is to place the `Rack::Cors::Halt` beneath that one so no more middlewares are runned.
data/lib/rack/cors/halt.rb CHANGED
@@ -9,7 +9,7 @@ module Rack
9
9
  end
10
10
 
11
11
  def call(env)
12
- if(env['X_RACK_CORS'].hit)
12
+ if(env['X_RACK_CORS'].hit || !http_origin_header_present?(env))
13
13
  @app.call(env)
14
14
  else
15
15
  not_valid_reason = {
@@ -20,6 +20,12 @@ module Rack
20
20
  [200, {"Content-Type" => "application/json"}, [not_valid_reason.to_json]]
21
21
  end
22
22
  end
23
+
24
+ private
25
+
26
+ def http_origin_header_present?(env)
27
+ env['HTTP_ORIGIN'].to_s != ''
28
+ end
23
29
  end
24
30
  end
25
31
  end
data/lib/rack/cors/halt/version.rb CHANGED
@@ -2,7 +2,7 @@ module Rack
2
2
  class Cors
3
3
  class Halt
4
4
 
5
- VERSION = "0.0.1"
5
+ VERSION = "0.0.2"
6
6
 
7
7
  end
8
8
  end
data/rack-cors-halt.gemspec CHANGED
@@ -3,17 +3,18 @@ lib = File.expand_path('../lib', __FILE__)
3
3
  $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
  require 'rack/cors/halt/version'
5
5
 
6
- Gem::Specification.new do |s|
7
- s.name = 'rack-cors-halt'
8
- s.version = Rack::Cors::Halt::VERSION
9
- s.date = '2014-11-18'
10
- s.summary = 'Rack-Cors-Halt'
11
- s.description = "Halt a CORS request before hitting the controller."
12
- s.authors = ["Ricardo Brazão"]
13
- s.files = `git ls-files`.split($/).reject { |f| f == '.gitignore' }
14
- s.license = 'MIT'
6
+ Gem::Specification.new do |spec|
7
+ spec.name = 'rack-cors-halt'
8
+ spec.version = Rack::Cors::Halt::VERSION
9
+ spec.date = '2014-11-18'
10
+ spec.summary = %q{Rack-Cors-Halt}
11
+ spec.description = %q{Halt a CORS request before hitting the controller.}
12
+ spec.authors = ["Ricardo Brazão"]
13
+ spec.email = ["ricardo.p.pbrazao@gmail.com"]
14
+ spec.homepage = "https://github.com/RicardoBrazao/rack-cors-halt"
15
+ spec.files = `git ls-files`.split($/).reject { |f| f == '.gitignore' }
16
+ spec.license = 'MIT'
15
17
 
16
18
 
17
- s.test_files = s.files.grep(%r{^(test|spec|features)/})
18
-
19
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
20
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-cors-halt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ricardo Brazão
@@ -11,7 +11,8 @@ cert_chain: []
11
11
  date: 2014-11-18 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Halt a CORS request before hitting the controller.
14
- email:
14
+ email:
15
+ - ricardo.p.pbrazao@gmail.com
15
16
  executables: []
16
17
  extensions: []
17
18
  extra_rdoc_files: []
@@ -24,7 +25,7 @@ files:
24
25
  - rack-cors-halt.gemspec
25
26
  - spec/halt/halt_spec.rb
26
27
  - spec/halt/test.ru
27
- homepage:
28
+ homepage: https://github.com/RicardoBrazao/rack-cors-halt
28
29
  licenses:
29
30
  - MIT
30
31
  metadata: {}