sinatra-cross_origin 0.2.0 → 0.3.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.markdown +3 -2
- data/VERSION +1 -1
- data/lib/sinatra/cross_origin.rb +10 -3
- data/sinatra-cross_origin.gemspec +3 -3
- data/test/app/test_app.rb +5 -0
- data/test/test_all.rb +7 -0
- metadata +3 -3
data/README.markdown
CHANGED
@@ -2,8 +2,8 @@
|
|
2
2
|
A simple Sinatra extension to enable Cross Domain Resource Sharing (CORS)
|
3
3
|
To see more on cross domain resource sharing, see https://developer.mozilla.org/En/HTTP_access_control
|
4
4
|
|
5
|
-
## Installation
|
6
|
-
|
5
|
+
## Installation with Bundler
|
6
|
+
`gem sinatra-cross_origin`
|
7
7
|
|
8
8
|
## Examples
|
9
9
|
|
@@ -31,6 +31,7 @@ You can set global options via the normal Sinatra set method:
|
|
31
31
|
set :allow_methods, [:get, :post, :options]
|
32
32
|
set :allow_credentials, true
|
33
33
|
set :max_age, "1728000"
|
34
|
+
set :expose_headers, ['Content-Type']
|
34
35
|
|
35
36
|
You can change configuration options on the fly within routes with:
|
36
37
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.
|
1
|
+
0.3.1
|
data/lib/sinatra/cross_origin.rb
CHANGED
@@ -31,11 +31,18 @@ module Sinatra
|
|
31
31
|
|
32
32
|
origin = settings.allow_origin == :any ? request.env['HTTP_ORIGIN'] : settings.allow_origin
|
33
33
|
methods = settings.allow_methods.map{ |m| m.to_s.upcase! }.join(', ')
|
34
|
+
expose_headers = settings.expose_headers || %w(Cache-Control Content-Language Content-Type Expires Last-Modified Pragma)
|
34
35
|
|
35
|
-
|
36
|
+
headers_list = {
|
37
|
+
'Access-Control-Allow-Origin' => origin,
|
36
38
|
'Access-Control-Allow-Methods' => methods,
|
39
|
+
'Access-Control-Allow-Headers' => settings.allow_headers.map(&:to_s).join(', '),
|
37
40
|
'Access-Control-Allow-Credentials' => settings.allow_credentials.to_s,
|
38
|
-
'Access-Control-Max-Age' => settings.max_age.to_s
|
41
|
+
'Access-Control-Max-Age' => settings.max_age.to_s,
|
42
|
+
'Access-Control-Expose-Headers' => expose_headers.join(', ')
|
43
|
+
}
|
44
|
+
|
45
|
+
headers headers_list
|
39
46
|
end
|
40
47
|
end
|
41
48
|
|
@@ -47,9 +54,9 @@ module Sinatra
|
|
47
54
|
app.set :allow_origin, :any
|
48
55
|
app.set :allow_methods, [:post, :get, :options]
|
49
56
|
app.set :allow_credentials, true
|
57
|
+
app.set :allow_headers, ["*", "Content-Type", "Accept", "AUTHORIZATION", "Cache-Control"]
|
50
58
|
app.set :max_age, 1728000
|
51
59
|
|
52
|
-
|
53
60
|
app.before do
|
54
61
|
cross_origin if settings.cross_origin
|
55
62
|
end
|
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = "sinatra-cross_origin"
|
8
|
-
s.version = "0.
|
8
|
+
s.version = "0.3.1"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["Brit Gardner"]
|
12
|
-
s.date = "
|
12
|
+
s.date = "2013-12-30"
|
13
13
|
s.description = "Cross Origin Resource Sharing helper for Sinatra"
|
14
14
|
s.email = "brit@britg.com"
|
15
15
|
s.extra_rdoc_files = [
|
@@ -29,7 +29,7 @@ Gem::Specification.new do |s|
|
|
29
29
|
]
|
30
30
|
s.homepage = "http://github.com/britg/sinatra-cross_origin"
|
31
31
|
s.require_paths = ["lib"]
|
32
|
-
s.rubygems_version = "1.8.
|
32
|
+
s.rubygems_version = "1.8.25"
|
33
33
|
s.summary = "Cross Origin Resource Sharing helper for Sinatra"
|
34
34
|
|
35
35
|
if s.respond_to? :specification_version then
|
data/test/app/test_app.rb
CHANGED
@@ -31,6 +31,11 @@ class TestApp < Sinatra::Base
|
|
31
31
|
"Allowing methods"
|
32
32
|
end
|
33
33
|
|
34
|
+
get '/allow_headers' do
|
35
|
+
cross_origin :allow_headers => params[:allow_headers]
|
36
|
+
"Allowing headers"
|
37
|
+
end
|
38
|
+
|
34
39
|
get '/dont_allow_credentials' do
|
35
40
|
cross_origin :allow_credentials => false
|
36
41
|
"Not allowing credentials"
|
data/test/test_all.rb
CHANGED
@@ -14,6 +14,7 @@ class HelloTest < Test::Unit::TestCase
|
|
14
14
|
assert_equal 'POST, GET, OPTIONS', last_response.headers['Access-Control-Allow-Methods']
|
15
15
|
assert_equal 'true', last_response.headers['Access-Control-Allow-Credentials']
|
16
16
|
assert_equal "1728000", last_response.headers['Access-Control-Max-Age']
|
17
|
+
assert_equal false, last_response.headers.has_key?('Access-Control-Allow-Headers')
|
17
18
|
end
|
18
19
|
|
19
20
|
def test_it_says_hello
|
@@ -46,6 +47,12 @@ class HelloTest < Test::Unit::TestCase
|
|
46
47
|
assert_equal 'GET, POST', last_response.headers['Access-Control-Allow-Methods']
|
47
48
|
end
|
48
49
|
|
50
|
+
def test_allow_headers
|
51
|
+
get '/allow_headers', {:allow_headers=>['Content-Type', 'Origin', 'Accept']}, {'HTTP_ORIGIN' => 'http://localhost'}
|
52
|
+
assert last_response.ok?
|
53
|
+
assert_equal 'Content-Type, Origin, Accept', last_response.headers['Access-Control-Allow-Headers']
|
54
|
+
end
|
55
|
+
|
49
56
|
def test_dont_allow_credentials
|
50
57
|
get '/dont_allow_credentials', {}, {'HTTP_ORIGIN' => 'http://localhost'}
|
51
58
|
assert last_response.ok?
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sinatra-cross_origin
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2013-12-30 00:00:00.000000000 Z
|
13
13
|
dependencies: []
|
14
14
|
description: Cross Origin Resource Sharing helper for Sinatra
|
15
15
|
email: brit@britg.com
|
@@ -48,7 +48,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
48
48
|
version: '0'
|
49
49
|
requirements: []
|
50
50
|
rubyforge_project:
|
51
|
-
rubygems_version: 1.8.
|
51
|
+
rubygems_version: 1.8.25
|
52
52
|
signing_key:
|
53
53
|
specification_version: 3
|
54
54
|
summary: Cross Origin Resource Sharing helper for Sinatra
|