sinatra-cors 1.0.1 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/sinatra/cors.rb +15 -4
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eec892821ef7e4305cc56e5e4861d15d367c4a7a
|
|
4
|
+
data.tar.gz: 382419f5dbe192cf489979dcf88304c63d1cf5a6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bd68aca87befc236ed071d832fa57c1af7ad662aa857d5b5a90c516022d878b311c77d5fd35ed31dcaec37d6705d36a05703859326961b94a984ef8ae7160908
|
|
7
|
+
data.tar.gz: 2047c36bce901140d5c65724715644492509e60b264b4947115547c85b32481575c3ca08e304cbab131158be73fb4bde11c9570f5437bd698a2783725abbe94a
|
data/lib/sinatra/cors.rb
CHANGED
|
@@ -16,8 +16,8 @@ module Sinatra
|
|
|
16
16
|
return
|
|
17
17
|
end
|
|
18
18
|
|
|
19
|
-
response.headers["Access-Control-Allow-Headers"] =
|
|
20
|
-
response.headers["Access-Control-Allow-Methods"] =
|
|
19
|
+
response.headers["Access-Control-Allow-Headers"] = request_headers if request_headers
|
|
20
|
+
response.headers["Access-Control-Allow-Methods"] = request_method
|
|
21
21
|
response.headers["Access-Control-Max-Age"] = settings.max_age if settings.max_age?
|
|
22
22
|
else
|
|
23
23
|
response.headers["Access-Control-Expose-Headers"] = settings.expose_headers if settings.expose_headers?
|
|
@@ -68,7 +68,15 @@ module Sinatra
|
|
|
68
68
|
end
|
|
69
69
|
end
|
|
70
70
|
|
|
71
|
-
matches
|
|
71
|
+
matches.uniq
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def request_headers
|
|
75
|
+
request.env["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"]
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
def request_method
|
|
79
|
+
request.env["HTTP_ACCESS_CONTROL_REQUEST_METHOD"]
|
|
72
80
|
end
|
|
73
81
|
|
|
74
82
|
private
|
|
@@ -88,7 +96,10 @@ to requests with these headers, you can add them to the `allow_headers` sinatra
|
|
|
88
96
|
end
|
|
89
97
|
|
|
90
98
|
def bad_origin_message
|
|
91
|
-
"This CORS request was rejected because the client is making the request from
|
|
99
|
+
"This CORS request was rejected because the client is making the request from \
|
|
100
|
+
'#{request.env["HTTP_ORIGIN"]}', but the server only allows requests from '#{settings.allow_origin}'. \
|
|
101
|
+
To allow the server to respond to requests from this origin, you can add it to the `allow_origin` \
|
|
102
|
+
sinatra setting."
|
|
92
103
|
end
|
|
93
104
|
end
|
|
94
105
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sinatra-cors
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jason Desrosiers
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-10-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: 'This Sinatra plugin supports the full CORS spec including automatic
|
|
14
14
|
support for CORS preflight (OPTIONS) requests. It uses CORS security best practices. The
|
|
@@ -42,7 +42,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
42
42
|
version: '0'
|
|
43
43
|
requirements: []
|
|
44
44
|
rubyforge_project:
|
|
45
|
-
rubygems_version: 2.
|
|
45
|
+
rubygems_version: 2.6.12
|
|
46
46
|
signing_key:
|
|
47
47
|
specification_version: 4
|
|
48
48
|
summary: CORS support for Sinatra applications
|