sinatra-cors 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/sinatra/cors.rb +7 -6
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d4f7b70ae703eb840d9b0b7fdb6dba3da07ee847
|
|
4
|
+
data.tar.gz: 71b050ddd584a746ad40cccb75308a02a2366264
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8481507d524e29b50e08bb443303b35df5ae9a05586f4a47e48538acda6957ad136768a252d39c854d64e159d3b087343e7546e046e53144fe4797776c89aeaf
|
|
7
|
+
data.tar.gz: 1239d45d41eb109b7561bd067c822de2f33cebe4c7197eac4fe1aa71c62d2992136867caf95f745749865fa63b0a79e0136c614dcee967f3d998081c8a761630
|
data/lib/sinatra/cors.rb
CHANGED
|
@@ -42,19 +42,20 @@ module Sinatra
|
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
def method_is_allowed?
|
|
45
|
-
allow_methods =
|
|
46
|
-
|
|
47
|
-
|
|
45
|
+
allow_methods =
|
|
46
|
+
settings.allow_methods.upcase.split(/\s*,\s*/) &
|
|
47
|
+
response.headers["Allow"].upcase.split(/\s*,\s*/)
|
|
48
|
+
allow_methods.include? request.env["HTTP_ACCESS_CONTROL_REQUEST_METHOD"].upcase
|
|
48
49
|
end
|
|
49
50
|
|
|
50
51
|
def headers_are_allowed?
|
|
51
52
|
allow_headers = settings.allow_headers
|
|
52
53
|
request_headers = request.env["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"] || ""
|
|
53
|
-
(request_headers.split - allow_headers.split).empty?
|
|
54
|
+
(request_headers.downcase.split(/\s*,\s*/) - allow_headers.downcase.split(/\s*,\s*/)).empty?
|
|
54
55
|
end
|
|
55
56
|
|
|
56
57
|
def origin_is_allowed?
|
|
57
|
-
settings.allow_origin == "*" || settings.allow_origin.split.include?(request.env["HTTP_ORIGIN"])
|
|
58
|
+
settings.allow_origin == "*" || settings.allow_origin.downcase.split.include?(request.env["HTTP_ORIGIN"])
|
|
58
59
|
end
|
|
59
60
|
|
|
60
61
|
def allowed_methods
|
|
@@ -110,7 +111,7 @@ to requests with these headers, you can add them to the `allow_headers` sinatra
|
|
|
110
111
|
|
|
111
112
|
pass if allow.size == 1
|
|
112
113
|
|
|
113
|
-
response.headers["Allow"] = allow.join "
|
|
114
|
+
response.headers["Allow"] = allow.join ","
|
|
114
115
|
end
|
|
115
116
|
|
|
116
117
|
app.after do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sinatra-cors
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jason Desrosiers
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-07-
|
|
11
|
+
date: 2017-07-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: 'This Sinatra plugin supports the full CORS spec including automatic
|
|
14
14
|
support for CORS preflight (OPTIONS) requests. It uses CORS security best practices. The
|