sinatra-cross_origin 0.2.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. data/README.markdown +3 -2
  2. data/VERSION +1 -1
  3. data/lib/sinatra/cross_origin.rb +10 -3
  4. data/sinatra-cross_origin.gemspec +3 -3
  5. data/test/app/test_app.rb +5 -0
  6. data/test/test_all.rb +7 -0
  7. metadata +3 -3
data/README.markdown CHANGED
@@ -2,8 +2,8 @@
2
2
  A simple Sinatra extension to enable Cross Domain Resource Sharing (CORS)
3
3
  To see more on cross domain resource sharing, see https://developer.mozilla.org/En/HTTP_access_control
4
4
 
5
- ## Installation
6
- sudo gem install sinatra-cross_origin
5
+ ## Installation with Bundler
6
+ `gem sinatra-cross_origin`
7
7
 
8
8
  ## Examples
9
9
 
@@ -31,6 +31,7 @@ You can set global options via the normal Sinatra set method:
31
31
  set :allow_methods, [:get, :post, :options]
32
32
  set :allow_credentials, true
33
33
  set :max_age, "1728000"
34
+ set :expose_headers, ['Content-Type']
34
35
 
35
36
  You can change configuration options on the fly within routes with:
36
37
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.2.0
1
+ 0.3.1
data/lib/sinatra/cross_origin.rb CHANGED
@@ -31,11 +31,18 @@ module Sinatra
31
31
 
32
32
  origin = settings.allow_origin == :any ? request.env['HTTP_ORIGIN'] : settings.allow_origin
33
33
  methods = settings.allow_methods.map{ |m| m.to_s.upcase! }.join(', ')
34
+ expose_headers = settings.expose_headers || %w(Cache-Control Content-Language Content-Type Expires Last-Modified Pragma)
34
35
 
35
- headers 'Access-Control-Allow-Origin' => origin,
36
+ headers_list = {
37
+ 'Access-Control-Allow-Origin' => origin,
36
38
  'Access-Control-Allow-Methods' => methods,
39
+ 'Access-Control-Allow-Headers' => settings.allow_headers.map(&:to_s).join(', '),
37
40
  'Access-Control-Allow-Credentials' => settings.allow_credentials.to_s,
38
- 'Access-Control-Max-Age' => settings.max_age.to_s
41
+ 'Access-Control-Max-Age' => settings.max_age.to_s,
42
+ 'Access-Control-Expose-Headers' => expose_headers.join(', ')
43
+ }
44
+
45
+ headers headers_list
39
46
  end
40
47
  end
41
48
 
@@ -47,9 +54,9 @@ module Sinatra
47
54
  app.set :allow_origin, :any
48
55
  app.set :allow_methods, [:post, :get, :options]
49
56
  app.set :allow_credentials, true
57
+ app.set :allow_headers, ["*", "Content-Type", "Accept", "AUTHORIZATION", "Cache-Control"]
50
58
  app.set :max_age, 1728000
51
59
 
52
-
53
60
  app.before do
54
61
  cross_origin if settings.cross_origin
55
62
  end
data/sinatra-cross_origin.gemspec CHANGED
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = "sinatra-cross_origin"
8
- s.version = "0.2.0"
8
+ s.version = "0.3.1"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Brit Gardner"]
12
- s.date = "2012-07-19"
12
+ s.date = "2013-12-30"
13
13
  s.description = "Cross Origin Resource Sharing helper for Sinatra"
14
14
  s.email = "brit@britg.com"
15
15
  s.extra_rdoc_files = [
@@ -29,7 +29,7 @@ Gem::Specification.new do |s|
29
29
  ]
30
30
  s.homepage = "http://github.com/britg/sinatra-cross_origin"
31
31
  s.require_paths = ["lib"]
32
- s.rubygems_version = "1.8.11"
32
+ s.rubygems_version = "1.8.25"
33
33
  s.summary = "Cross Origin Resource Sharing helper for Sinatra"
34
34
 
35
35
  if s.respond_to? :specification_version then
data/test/app/test_app.rb CHANGED
@@ -31,6 +31,11 @@ class TestApp < Sinatra::Base
31
31
  "Allowing methods"
32
32
  end
33
33
 
34
+ get '/allow_headers' do
35
+ cross_origin :allow_headers => params[:allow_headers]
36
+ "Allowing headers"
37
+ end
38
+
34
39
  get '/dont_allow_credentials' do
35
40
  cross_origin :allow_credentials => false
36
41
  "Not allowing credentials"
data/test/test_all.rb CHANGED
@@ -14,6 +14,7 @@ class HelloTest < Test::Unit::TestCase
14
14
  assert_equal 'POST, GET, OPTIONS', last_response.headers['Access-Control-Allow-Methods']
15
15
  assert_equal 'true', last_response.headers['Access-Control-Allow-Credentials']
16
16
  assert_equal "1728000", last_response.headers['Access-Control-Max-Age']
17
+ assert_equal false, last_response.headers.has_key?('Access-Control-Allow-Headers')
17
18
  end
18
19
 
19
20
  def test_it_says_hello
@@ -46,6 +47,12 @@ class HelloTest < Test::Unit::TestCase
46
47
  assert_equal 'GET, POST', last_response.headers['Access-Control-Allow-Methods']
47
48
  end
48
49
 
50
+ def test_allow_headers
51
+ get '/allow_headers', {:allow_headers=>['Content-Type', 'Origin', 'Accept']}, {'HTTP_ORIGIN' => 'http://localhost'}
52
+ assert last_response.ok?
53
+ assert_equal 'Content-Type, Origin, Accept', last_response.headers['Access-Control-Allow-Headers']
54
+ end
55
+
49
56
  def test_dont_allow_credentials
50
57
  get '/dont_allow_credentials', {}, {'HTTP_ORIGIN' => 'http://localhost'}
51
58
  assert last_response.ok?
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sinatra-cross_origin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-07-19 00:00:00.000000000Z
12
+ date: 2013-12-30 00:00:00.000000000 Z
13
13
  dependencies: []
14
14
  description: Cross Origin Resource Sharing helper for Sinatra
15
15
  email: brit@britg.com
@@ -48,7 +48,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
48
48
  version: '0'
49
49
  requirements: []
50
50
  rubyforge_project:
51
- rubygems_version: 1.8.11
51
+ rubygems_version: 1.8.25
52
52
  signing_key:
53
53
  specification_version: 3
54
54
  summary: Cross Origin Resource Sharing helper for Sinatra