rack-cors 2.0.0 → 2.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -1
- data/README.md +6 -8
- data/lib/rack/cors/resource.rb +12 -2
- data/lib/rack/cors/version.rb +1 -1
- metadata +9 -38
- data/.rubocop.yml +0 -31
- data/.travis.yml +0 -13
- data/Gemfile +0 -8
- data/Rakefile +0 -22
- data/rack-cors.gemspec +0 -30
- data/test/.rubocop.yml +0 -8
- data/test/cors/expect.js +0 -1286
- data/test/cors/mocha.css +0 -250
- data/test/cors/mocha.js +0 -5373
- data/test/cors/runner.html +0 -20
- data/test/cors/test.cors.coffee +0 -49
- data/test/cors/test.cors.js +0 -79
- data/test/unit/cors_test.rb +0 -540
- data/test/unit/dsl_test.rb +0 -70
- data/test/unit/insecure.ru +0 -10
- data/test/unit/non_http.ru +0 -10
- data/test/unit/test.ru +0 -66
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 14eb27e856c7cdd90b79cfc7236f3b71e10cfdcb2e282bb1a93546b8a97a053e
|
|
4
|
+
data.tar.gz: c9a2d87407a44c7df88129ece2d8ac5b8f5f6c46414b742c762d63cb99ae2278
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e7a4136f89a39be61d5d1c7cdc1d5d4c85a883ee72f9a0f16c13fdd0218918d9c67a379974bae60271f3a7b1e2aebdaf8c187aa65c9e97b4d12427a9c606af60
|
|
7
|
+
data.tar.gz: a6798527bc3b3463f93d63bb42e901ff11de4512c63e10baf2ccb413526fff0cbee04bd9c2c38025b840c5ce9281fd60cd473d4dd0631a1cb6ba704d7d4d28f0
|
data/CHANGELOG.md
CHANGED
|
@@ -1,7 +1,15 @@
|
|
|
1
1
|
# Change Log
|
|
2
2
|
All notable changes to this project will be documented in this file.
|
|
3
3
|
|
|
4
|
-
## 2.0.
|
|
4
|
+
## 2.0.2 - 2024-03-04
|
|
5
|
+
### Changed
|
|
6
|
+
- Fix file permission issues with 2.0.1 release
|
|
7
|
+
|
|
8
|
+
## 2.0.1 - 2023-02-17
|
|
9
|
+
### Changed
|
|
10
|
+
- Use Rack::Utils::HeaderHash when Rack 2.x is detected
|
|
11
|
+
|
|
12
|
+
## 2.0.0 - 2023-02-14
|
|
5
13
|
### Changed
|
|
6
14
|
- Refactored codebase
|
|
7
15
|
- Support declaring custom protocols in origin
|
data/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Rack CORS Middleware [](https://github.com/cyu/rack-cors/actions)
|
|
2
2
|
|
|
3
3
|
`Rack::Cors` provides support for Cross-Origin Resource Sharing (CORS) for Rack compatible web applications.
|
|
4
4
|
|
|
@@ -33,18 +33,12 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do
|
|
|
33
33
|
end
|
|
34
34
|
```
|
|
35
35
|
|
|
36
|
-
NOTE: If you create application with `--api` option, configuration automatically
|
|
36
|
+
NOTE: If you create application with `--api` option, configuration is automatically generated in `config/initializers/cors.rb`.
|
|
37
37
|
|
|
38
38
|
We use `insert_before` to make sure `Rack::Cors` runs at the beginning of the stack to make sure it isn't interfered with by other middleware (see `Rack::Cache` note in **Common Gotchas** section). Basic setup examples for Rails 5 & Rails 6 can be found in the examples/ directory.
|
|
39
39
|
|
|
40
40
|
See The [Rails Guide to Rack](http://guides.rubyonrails.org/rails_on_rack.html) for more details on rack middlewares or watch the [railscast](http://railscasts.com/episodes/151-rack-middleware).
|
|
41
41
|
|
|
42
|
-
*Note about Rails 6*: Rails 6 has support for blocking requests from unknown hosts, so origin domains will need to be added there as well.
|
|
43
|
-
|
|
44
|
-
```ruby
|
|
45
|
-
Rails.application.config.hosts << "product.com"
|
|
46
|
-
```
|
|
47
|
-
|
|
48
42
|
Read more about it here in the [Rails Guides](https://guides.rubyonrails.org/configuring.html#configuring-middleware)
|
|
49
43
|
|
|
50
44
|
### Rack Configuration
|
|
@@ -158,3 +152,7 @@ has a custom protocol (`chrome-extension://`, `ionic://`, etc.) simply exclude t
|
|
|
158
152
|
For example, instead of specifying `chrome-extension://aomjjhallfgjeglblehebfpbcfeobpga` specify `aomjjhallfgjeglblehebfpbcfeobpga` in `origins`.
|
|
159
153
|
|
|
160
154
|
As of 2.0.0 (currently in RC1), you can specify origins with a custom protocol.
|
|
155
|
+
|
|
156
|
+
### Rails 6 Host Matching
|
|
157
|
+
|
|
158
|
+
Rails 6 will block requests from unauthorized hosts, and this issue can be confused as a CORS related error. So in development, if you're making requests using something other than localhost or 127.0.0.1, make sure the server host has been authorized. [More info here](https://guides.rubyonrails.org/configuring.html#actiondispatch-hostauthorization)
|
data/lib/rack/cors/resource.rb
CHANGED
|
@@ -66,7 +66,7 @@ module Rack
|
|
|
66
66
|
'access-control-max-age' => max_age.to_s
|
|
67
67
|
}
|
|
68
68
|
h['access-control-allow-credentials'] = 'true' if credentials
|
|
69
|
-
h
|
|
69
|
+
header_proc.call(h)
|
|
70
70
|
end
|
|
71
71
|
|
|
72
72
|
protected
|
|
@@ -106,7 +106,7 @@ module Rack
|
|
|
106
106
|
|
|
107
107
|
def compile(path)
|
|
108
108
|
if path.respond_to? :to_str
|
|
109
|
-
special_chars = %w[. + ( )]
|
|
109
|
+
special_chars = %w[. + ( ) $]
|
|
110
110
|
pattern =
|
|
111
111
|
path.to_str.gsub(%r{((:\w+)|/\*|[\*#{special_chars.join}])}) do |match|
|
|
112
112
|
case match
|
|
@@ -127,6 +127,16 @@ module Rack
|
|
|
127
127
|
raise TypeError, path
|
|
128
128
|
end
|
|
129
129
|
end
|
|
130
|
+
|
|
131
|
+
def header_proc
|
|
132
|
+
@header_proc ||= begin
|
|
133
|
+
if defined?(Rack::Headers)
|
|
134
|
+
->(h) { h }
|
|
135
|
+
else
|
|
136
|
+
->(h) { Rack::Utils::HeaderHash.new(h) }
|
|
137
|
+
end
|
|
138
|
+
end
|
|
139
|
+
end
|
|
130
140
|
end
|
|
131
141
|
end
|
|
132
142
|
end
|
data/lib/rack/cors/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-cors
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Calvin Yu
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-03-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -90,14 +90,14 @@ dependencies:
|
|
|
90
90
|
name: rack-test
|
|
91
91
|
requirement: !ruby/object:Gem::Requirement
|
|
92
92
|
requirements:
|
|
93
|
-
- - "
|
|
93
|
+
- - ">="
|
|
94
94
|
- !ruby/object:Gem::Version
|
|
95
95
|
version: 1.1.0
|
|
96
96
|
type: :development
|
|
97
97
|
prerelease: false
|
|
98
98
|
version_requirements: !ruby/object:Gem::Requirement
|
|
99
99
|
requirements:
|
|
100
|
-
- - "
|
|
100
|
+
- - ">="
|
|
101
101
|
- !ruby/object:Gem::Version
|
|
102
102
|
version: 1.1.0
|
|
103
103
|
- !ruby/object:Gem::Dependency
|
|
@@ -136,37 +136,20 @@ executables: []
|
|
|
136
136
|
extensions: []
|
|
137
137
|
extra_rdoc_files: []
|
|
138
138
|
files:
|
|
139
|
-
- ".rubocop.yml"
|
|
140
|
-
- ".travis.yml"
|
|
141
139
|
- CHANGELOG.md
|
|
142
|
-
- Gemfile
|
|
143
140
|
- LICENSE.txt
|
|
144
141
|
- README.md
|
|
145
|
-
- Rakefile
|
|
146
142
|
- lib/rack/cors.rb
|
|
147
143
|
- lib/rack/cors/resource.rb
|
|
148
144
|
- lib/rack/cors/resources.rb
|
|
149
145
|
- lib/rack/cors/resources/cors_misconfiguration_error.rb
|
|
150
146
|
- lib/rack/cors/result.rb
|
|
151
147
|
- lib/rack/cors/version.rb
|
|
152
|
-
- rack-cors.gemspec
|
|
153
|
-
- test/.rubocop.yml
|
|
154
|
-
- test/cors/expect.js
|
|
155
|
-
- test/cors/mocha.css
|
|
156
|
-
- test/cors/mocha.js
|
|
157
|
-
- test/cors/runner.html
|
|
158
|
-
- test/cors/test.cors.coffee
|
|
159
|
-
- test/cors/test.cors.js
|
|
160
|
-
- test/unit/cors_test.rb
|
|
161
|
-
- test/unit/dsl_test.rb
|
|
162
|
-
- test/unit/insecure.ru
|
|
163
|
-
- test/unit/non_http.ru
|
|
164
|
-
- test/unit/test.ru
|
|
165
148
|
homepage: https://github.com/cyu/rack-cors
|
|
166
149
|
licenses:
|
|
167
150
|
- MIT
|
|
168
151
|
metadata: {}
|
|
169
|
-
post_install_message:
|
|
152
|
+
post_install_message:
|
|
170
153
|
rdoc_options: []
|
|
171
154
|
require_paths:
|
|
172
155
|
- lib
|
|
@@ -181,20 +164,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
181
164
|
- !ruby/object:Gem::Version
|
|
182
165
|
version: '0'
|
|
183
166
|
requirements: []
|
|
184
|
-
rubygems_version: 3.
|
|
185
|
-
signing_key:
|
|
167
|
+
rubygems_version: 3.3.7
|
|
168
|
+
signing_key:
|
|
186
169
|
specification_version: 4
|
|
187
170
|
summary: Middleware for enabling Cross-Origin Resource Sharing in Rack apps
|
|
188
|
-
test_files:
|
|
189
|
-
- test/.rubocop.yml
|
|
190
|
-
- test/cors/expect.js
|
|
191
|
-
- test/cors/mocha.css
|
|
192
|
-
- test/cors/mocha.js
|
|
193
|
-
- test/cors/runner.html
|
|
194
|
-
- test/cors/test.cors.coffee
|
|
195
|
-
- test/cors/test.cors.js
|
|
196
|
-
- test/unit/cors_test.rb
|
|
197
|
-
- test/unit/dsl_test.rb
|
|
198
|
-
- test/unit/insecure.ru
|
|
199
|
-
- test/unit/non_http.ru
|
|
200
|
-
- test/unit/test.ru
|
|
171
|
+
test_files: []
|
data/.rubocop.yml
DELETED
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
---
|
|
2
|
-
|
|
3
|
-
AllCops:
|
|
4
|
-
Exclude:
|
|
5
|
-
- 'examples/**/*'
|
|
6
|
-
|
|
7
|
-
# Disables
|
|
8
|
-
Layout/LineLength:
|
|
9
|
-
Enabled: false
|
|
10
|
-
Style/Documentation:
|
|
11
|
-
Enabled: false
|
|
12
|
-
Metrics/ClassLength:
|
|
13
|
-
Enabled: false
|
|
14
|
-
Metrics/MethodLength:
|
|
15
|
-
Enabled: false
|
|
16
|
-
Metrics/BlockLength:
|
|
17
|
-
Enabled: false
|
|
18
|
-
Style/HashEachMethods:
|
|
19
|
-
Enabled: false
|
|
20
|
-
Style/HashTransformKeys:
|
|
21
|
-
Enabled: false
|
|
22
|
-
Style/HashTransformValues:
|
|
23
|
-
Enabled: false
|
|
24
|
-
Style/DoubleNegation:
|
|
25
|
-
Enabled: false
|
|
26
|
-
Metrics/CyclomaticComplexity:
|
|
27
|
-
Enabled: false
|
|
28
|
-
Metrics/PerceivedComplexity:
|
|
29
|
-
Enabled: false
|
|
30
|
-
Metrics/AbcSize:
|
|
31
|
-
Enabled: false
|
data/.travis.yml
DELETED
data/Gemfile
DELETED
data/Rakefile
DELETED
|
@@ -1,22 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require 'bundler/gem_tasks'
|
|
4
|
-
|
|
5
|
-
require 'rake/testtask'
|
|
6
|
-
Rake::TestTask.new(:test) do |test|
|
|
7
|
-
test.libs << 'lib' << 'test'
|
|
8
|
-
test.pattern = 'test/**/*_test.rb'
|
|
9
|
-
test.verbose = true
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
task default: :test
|
|
13
|
-
|
|
14
|
-
require 'rdoc/task'
|
|
15
|
-
Rake::RDocTask.new do |rdoc|
|
|
16
|
-
version = File.exist?('VERSION') ? File.read('VERSION') : ''
|
|
17
|
-
|
|
18
|
-
rdoc.rdoc_dir = 'rdoc'
|
|
19
|
-
rdoc.title = "rack-cors #{version}"
|
|
20
|
-
rdoc.rdoc_files.include('README*')
|
|
21
|
-
rdoc.rdoc_files.include('lib/**/*.rb')
|
|
22
|
-
end
|
data/rack-cors.gemspec
DELETED
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
lib = File.expand_path('lib', __dir__)
|
|
4
|
-
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
5
|
-
require 'rack/cors/version'
|
|
6
|
-
|
|
7
|
-
Gem::Specification.new do |spec|
|
|
8
|
-
spec.name = 'rack-cors'
|
|
9
|
-
spec.version = Rack::Cors::VERSION
|
|
10
|
-
spec.authors = ['Calvin Yu']
|
|
11
|
-
spec.email = ['me@sourcebender.com']
|
|
12
|
-
spec.description = 'Middleware that will make Rack-based apps CORS compatible. Fork the project here: https://github.com/cyu/rack-cors'
|
|
13
|
-
spec.summary = 'Middleware for enabling Cross-Origin Resource Sharing in Rack apps'
|
|
14
|
-
spec.homepage = 'https://github.com/cyu/rack-cors'
|
|
15
|
-
spec.license = 'MIT'
|
|
16
|
-
|
|
17
|
-
spec.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR).reject { |f| (f == '.gitignore') || f =~ /^examples/ }
|
|
18
|
-
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
|
19
|
-
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
20
|
-
spec.require_paths = ['lib']
|
|
21
|
-
|
|
22
|
-
spec.add_dependency 'rack', '>= 2.0.0'
|
|
23
|
-
spec.add_development_dependency 'bundler', '>= 1.16.0', '< 3'
|
|
24
|
-
spec.add_development_dependency 'minitest', '~> 5.11.0'
|
|
25
|
-
spec.add_development_dependency 'mocha', '~> 1.6.0'
|
|
26
|
-
spec.add_development_dependency 'pry', '~> 0.12'
|
|
27
|
-
spec.add_development_dependency 'rack-test', '~> 1.1.0'
|
|
28
|
-
spec.add_development_dependency 'rake', '~> 12.3.0'
|
|
29
|
-
spec.add_development_dependency 'rubocop', '~> 0.80.1'
|
|
30
|
-
end
|