sinatra-cross_origin 0.2.0 → 0.3.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/README.markdown +3 -2
  2. data/VERSION +1 -1
  3. data/lib/sinatra/cross_origin.rb +10 -3
  4. data/sinatra-cross_origin.gemspec +3 -3
  5. data/test/app/test_app.rb +5 -0
  6. data/test/test_all.rb +7 -0
  7. metadata +3 -3
data/README.markdown CHANGED
@@ -2,8 +2,8 @@
2
2
  A simple Sinatra extension to enable Cross Domain Resource Sharing (CORS)
3
3
  To see more on cross domain resource sharing, see https://developer.mozilla.org/En/HTTP_access_control
4
4
 
5
- ## Installation
6
- sudo gem install sinatra-cross_origin
5
+ ## Installation with Bundler
6
+ `gem sinatra-cross_origin`
7
7
 
8
8
  ## Examples
9
9
 
@@ -31,6 +31,7 @@ You can set global options via the normal Sinatra set method:
31
31
  set :allow_methods, [:get, :post, :options]
32
32
  set :allow_credentials, true
33
33
  set :max_age, "1728000"
34
+ set :expose_headers, ['Content-Type']
34
35
 
35
36
  You can change configuration options on the fly within routes with:
36
37
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.2.0
1
+ 0.3.1
data/lib/sinatra/cross_origin.rb CHANGED
@@ -31,11 +31,18 @@ module Sinatra
31
31
 
32
32
  origin = settings.allow_origin == :any ? request.env['HTTP_ORIGIN'] : settings.allow_origin
33
33
  methods = settings.allow_methods.map{ |m| m.to_s.upcase! }.join(', ')
34
+ expose_headers = settings.expose_headers || %w(Cache-Control Content-Language Content-Type Expires Last-Modified Pragma)
34
35
 
35
- headers 'Access-Control-Allow-Origin' => origin,
36
+ headers_list = {
37
+ 'Access-Control-Allow-Origin' => origin,
36
38
  'Access-Control-Allow-Methods' => methods,
39
+ 'Access-Control-Allow-Headers' => settings.allow_headers.map(&:to_s).join(', '),
37
40
  'Access-Control-Allow-Credentials' => settings.allow_credentials.to_s,
38
- 'Access-Control-Max-Age' => settings.max_age.to_s
41
+ 'Access-Control-Max-Age' => settings.max_age.to_s,
42
+ 'Access-Control-Expose-Headers' => expose_headers.join(', ')
43
+ }
44
+
45
+ headers headers_list
39
46
  end
40
47
  end
41
48
 
@@ -47,9 +54,9 @@ module Sinatra
47
54
  app.set :allow_origin, :any
48
55
  app.set :allow_methods, [:post, :get, :options]
49
56
  app.set :allow_credentials, true
57
+ app.set :allow_headers, ["*", "Content-Type", "Accept", "AUTHORIZATION", "Cache-Control"]
50
58
  app.set :max_age, 1728000
51
59
 
52
-
53
60
  app.before do
54
61
  cross_origin if settings.cross_origin
55
62
  end
data/sinatra-cross_origin.gemspec CHANGED
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = "sinatra-cross_origin"
8
- s.version = "0.2.0"
8
+ s.version = "0.3.1"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Brit Gardner"]
12
- s.date = "2012-07-19"
12
+ s.date = "2013-12-30"
13
13
  s.description = "Cross Origin Resource Sharing helper for Sinatra"
14
14
  s.email = "brit@britg.com"
15
15
  s.extra_rdoc_files = [
@@ -29,7 +29,7 @@ Gem::Specification.new do |s|
29
29
  ]
30
30
  s.homepage = "http://github.com/britg/sinatra-cross_origin"
31
31
  s.require_paths = ["lib"]
32
- s.rubygems_version = "1.8.11"
32
+ s.rubygems_version = "1.8.25"
33
33
  s.summary = "Cross Origin Resource Sharing helper for Sinatra"
34
34
 
35
35
  if s.respond_to? :specification_version then
data/test/app/test_app.rb CHANGED
@@ -31,6 +31,11 @@ class TestApp < Sinatra::Base
31
31
  "Allowing methods"
32
32
  end
33
33
 
34
+ get '/allow_headers' do
35
+ cross_origin :allow_headers => params[:allow_headers]
36
+ "Allowing headers"
37
+ end
38
+
34
39
  get '/dont_allow_credentials' do
35
40
  cross_origin :allow_credentials => false
36
41
  "Not allowing credentials"
data/test/test_all.rb CHANGED
@@ -14,6 +14,7 @@ class HelloTest < Test::Unit::TestCase
14
14
  assert_equal 'POST, GET, OPTIONS', last_response.headers['Access-Control-Allow-Methods']
15
15
  assert_equal 'true', last_response.headers['Access-Control-Allow-Credentials']
16
16
  assert_equal "1728000", last_response.headers['Access-Control-Max-Age']
17
+ assert_equal false, last_response.headers.has_key?('Access-Control-Allow-Headers')
17
18
  end
18
19
 
19
20
  def test_it_says_hello
@@ -46,6 +47,12 @@ class HelloTest < Test::Unit::TestCase
46
47
  assert_equal 'GET, POST', last_response.headers['Access-Control-Allow-Methods']
47
48
  end
48
49
 
50
+ def test_allow_headers
51
+ get '/allow_headers', {:allow_headers=>['Content-Type', 'Origin', 'Accept']}, {'HTTP_ORIGIN' => 'http://localhost'}
52
+ assert last_response.ok?
53
+ assert_equal 'Content-Type, Origin, Accept', last_response.headers['Access-Control-Allow-Headers']
54
+ end
55
+
49
56
  def test_dont_allow_credentials
50
57
  get '/dont_allow_credentials', {}, {'HTTP_ORIGIN' => 'http://localhost'}
51
58
  assert last_response.ok?
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sinatra-cross_origin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-07-19 00:00:00.000000000Z
12
+ date: 2013-12-30 00:00:00.000000000 Z
13
13
  dependencies: []
14
14
  description: Cross Origin Resource Sharing helper for Sinatra
15
15
  email: brit@britg.com
@@ -48,7 +48,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
48
48
  version: '0'
49
49
  requirements: []
50
50
  rubyforge_project:
51
- rubygems_version: 1.8.11
51
+ rubygems_version: 1.8.25
52
52
  signing_key:
53
53
  specification_version: 3
54
54
  summary: Cross Origin Resource Sharing helper for Sinatra