sinatra-cross_origin 0.3.2 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: a03f46718e570af93fa1d0cc8deb518cd097b500
4
+ data.tar.gz: cb246d9e4800eae895b7188e7b7595072a231c11
5
+ SHA512:
6
+ metadata.gz: 8af36732566a4e47ba78cea2d78405d24a0c7093261bd72623ad897df7a488a474f9e3183f228ed6c042995d5bfe782aa46874e81675970d28630fe9c72cf433
7
+ data.tar.gz: e0fbac867b3bc687bc4721f92c3b17a4dcacb286b9e7fbf128beb032ae9d93a3954e191f588c5ecbb846e4cacb7730b275daee2dd6f4683bf5aec4988d60a363
@@ -23,6 +23,12 @@ To only enable cross origin requests for certain routes:
23
23
  "This is available to cross-origin javascripts"
24
24
  end
25
25
 
26
+ If you're using a modular application, remember to register this extension:
27
+
28
+ ``` ruby
29
+ register Sinatra::CrossOrigin
30
+ ```
31
+
26
32
  ## Global Configuration
27
33
 
28
34
  You can set global options via the normal Sinatra set method:
@@ -44,6 +50,21 @@ You can change configuration options on the fly within routes with:
44
50
  "My custom cross origin response"
45
51
  end
46
52
 
53
+ ## Responding to `OPTIONS`
54
+ Many browsers send an `OPTIONS` request to a server before performing a CORS request (this is part of [the specification for CORS](http://www.w3.org/TR/cors/) ). These sorts of requests are called [preflight requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Preflighted_requests). Without a valid response to an `OPTIONS` request, a browser may refuse to make a CORS request (and complain that the CORS request violates the same-origin policy).
55
+
56
+ Currently, this gem does not properly respond to `OPTIONS` requests. See [this issue](https://github.com/britg/sinatra-cross_origin/issues/18). You may have to add code like this in order to make your app properly respond to `OPTIONS` requests:
57
+
58
+ options "*" do
59
+ response.headers["Allow"] = "HEAD,GET,PUT,POST,DELETE,OPTIONS"
60
+
61
+ response.headers["Access-Control-Allow-Headers"] = "X-Requested-With, X-HTTP-Method-Override, Content-Type, Cache-Control, Accept"
62
+
63
+ 200
64
+ end
65
+
66
+
67
+
47
68
  ## License
48
69
  Copyright (c) 2007, 2008, 2009 Brit Gardner
49
70
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.3.2
1
+ 0.4.0
@@ -26,10 +26,26 @@ module Sinatra
26
26
  # from global config or custom config passed
27
27
  # as a hash
28
28
  def cross_origin(hash=nil)
29
- return unless request.env['HTTP_ORIGIN']
29
+ request_origin = request.env['HTTP_ORIGIN']
30
+ return unless request_origin
30
31
  settings.set hash if hash
31
32
 
32
- origin = settings.allow_origin == :any ? request.env['HTTP_ORIGIN'] : settings.allow_origin
33
+ if settings.allow_origin == :any
34
+ origin = request_origin
35
+ else
36
+ allowed_origins = *settings.allow_origin # make sure its an array
37
+ origin = allowed_origins.join('|') # we'll return this unless allowed
38
+
39
+ allowed_origins.each do |allowed_origin|
40
+ if allowed_origin.is_a?(Regexp) ?
41
+ request_origin =~ allowed_origin :
42
+ request_origin == allowed_origin
43
+ origin = request_origin
44
+ break
45
+ end
46
+ end
47
+ end
48
+
33
49
  methods = settings.allow_methods.map{ |m| m.to_s.upcase! }.join(', ')
34
50
 
35
51
  headers_list = {
@@ -63,7 +79,4 @@ module Sinatra
63
79
 
64
80
  end
65
81
  end
66
-
67
- register CrossOrigin
68
-
69
82
  end
@@ -2,14 +2,16 @@
2
2
  # DO NOT EDIT THIS FILE DIRECTLY
3
3
  # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
4
  # -*- encoding: utf-8 -*-
5
+ # stub: sinatra-cross_origin 0.4.0 ruby lib
5
6
 
6
7
  Gem::Specification.new do |s|
7
8
  s.name = "sinatra-cross_origin"
8
- s.version = "0.3.2"
9
+ s.version = "0.4.0"
9
10
 
10
11
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
12
+ s.require_paths = ["lib"]
11
13
  s.authors = ["Brit Gardner"]
12
- s.date = "2013-12-31"
14
+ s.date = "2016-10-20"
13
15
  s.description = "Cross Origin Resource Sharing helper for Sinatra"
14
16
  s.email = "brit@britg.com"
15
17
  s.extra_rdoc_files = [
@@ -23,22 +25,13 @@ Gem::Specification.new do |s|
23
25
  "VERSION",
24
26
  "lib/sinatra/cross_origin.rb",
25
27
  "sinatra-cross_origin.gemspec",
28
+ "test/app/all_routes.rb",
26
29
  "test/app/test_app.rb",
27
30
  "test/test_all.rb",
28
31
  "test/test_helper.rb"
29
32
  ]
30
33
  s.homepage = "http://github.com/britg/sinatra-cross_origin"
31
- s.require_paths = ["lib"]
32
- s.rubygems_version = "1.8.25"
34
+ s.rubygems_version = "2.4.5.1"
33
35
  s.summary = "Cross Origin Resource Sharing helper for Sinatra"
34
-
35
- if s.respond_to? :specification_version then
36
- s.specification_version = 3
37
-
38
- if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
39
- else
40
- end
41
- else
42
- end
43
36
  end
44
37
 
@@ -0,0 +1,11 @@
1
+ require 'sinatra/base'
2
+
3
+ class AllRoutesApp < Sinatra::Base
4
+ register Sinatra::CrossOrigin
5
+ enable :cross_origin
6
+
7
+ get '/' do
8
+ "Hello"
9
+ end
10
+
11
+ end
@@ -26,6 +26,16 @@ class TestApp < Sinatra::Base
26
26
  "Allowing any origin"
27
27
  end
28
28
 
29
+ get '/allow_multiple_origins' do
30
+ cross_origin :allow_origin => ['http://example.com', 'http://example2.com']
31
+ "Allowing multiple origins"
32
+ end
33
+
34
+ get '/allow_multiple_origins_with_reg_ex' do
35
+ cross_origin :allow_origin => ['http://example.com', /http:\/\/(?:sub-1|sub-2)\.example\.com/]
36
+ "Allowing multiple origins with regular expressions"
37
+ end
38
+
29
39
  get '/allow_methods' do
30
40
  cross_origin :allow_methods => params[:methods].split(', ')
31
41
  "Allowing methods"
@@ -41,6 +41,30 @@ class HelloTest < Test::Unit::TestCase
41
41
  assert_equal 'http://example.com', last_response.headers['Access-Control-Allow-Origin']
42
42
  end
43
43
 
44
+ def test_allow_multiple_origins
45
+ get '/allow_multiple_origins', {}, {'HTTP_ORIGIN' => 'http://example.com'}
46
+ assert last_response.ok?
47
+ assert_equal 'http://example.com', last_response.headers['Access-Control-Allow-Origin']
48
+
49
+ get '/allow_multiple_origins', {}, {'HTTP_ORIGIN' => 'http://example2.com'}
50
+ assert last_response.ok?
51
+ assert_equal 'http://example2.com', last_response.headers['Access-Control-Allow-Origin']
52
+
53
+ get '/allow_multiple_origins', {}, {'HTTP_ORIGIN' => 'http://example3.com'}
54
+ assert last_response.ok?
55
+ assert_equal 'http://example.com|http://example2.com', last_response.headers['Access-Control-Allow-Origin']
56
+ end
57
+
58
+ def test_allow_multiple_origins_with_reg_ex
59
+ get '/allow_multiple_origins_with_reg_ex', {}, {'HTTP_ORIGIN' => 'http://example.com'}
60
+ assert last_response.ok?
61
+ assert_equal 'http://example.com', last_response.headers['Access-Control-Allow-Origin']
62
+
63
+ get '/allow_multiple_origins_with_reg_ex', {}, {'HTTP_ORIGIN' => 'http://sub-1.example.com'}
64
+ assert last_response.ok?
65
+ assert_equal 'http://sub-1.example.com', last_response.headers['Access-Control-Allow-Origin']
66
+ end
67
+
44
68
  def test_allow_methods
45
69
  get '/allow_methods', {:methods=>'get, post'}, {'HTTP_ORIGIN' => 'http://localhost'}
46
70
  assert last_response.ok?
@@ -66,3 +90,30 @@ class HelloTest < Test::Unit::TestCase
66
90
  end
67
91
 
68
92
  end
93
+
94
+ class AllRoutesTest < Test::Unit::TestCase
95
+ include Rack::Test::Methods
96
+
97
+ def app
98
+ AllRoutesApp
99
+ end
100
+
101
+ def test_it_says_hello
102
+ get '/'
103
+ assert last_response.ok?
104
+ assert_equal 'Hello', last_response.body
105
+ end
106
+
107
+ def test_cross_origin_is_silent_on_same_origin_request
108
+ get '/'
109
+ assert last_response.ok?
110
+ assert_equal nil, last_response.headers['Access-Control-Allow-Origin']
111
+ end
112
+
113
+ def test_allow_any_origin
114
+ get '/', {}, {'HTTP_ORIGIN' => 'http://localhost'}
115
+ assert last_response.ok?
116
+ assert_equal 'http://localhost', last_response.headers['Access-Control-Allow-Origin']
117
+ end
118
+
119
+ end
@@ -1,4 +1,5 @@
1
1
  require File.expand_path(File.dirname(__FILE__) + '/../lib/sinatra/cross_origin')
2
2
  require 'app/test_app'
3
+ require 'app/all_routes'
3
4
  require 'test/unit'
4
5
  require 'rack/test'
metadata CHANGED
@@ -1,15 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sinatra-cross_origin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.2
5
- prerelease:
4
+ version: 0.4.0
6
5
  platform: ruby
7
6
  authors:
8
7
  - Brit Gardner
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2013-12-31 00:00:00.000000000 Z
11
+ date: 2016-10-20 00:00:00.000000000 Z
13
12
  dependencies: []
14
13
  description: Cross Origin Resource Sharing helper for Sinatra
15
14
  email: brit@britg.com
@@ -25,31 +24,31 @@ files:
25
24
  - VERSION
26
25
  - lib/sinatra/cross_origin.rb
27
26
  - sinatra-cross_origin.gemspec
27
+ - test/app/all_routes.rb
28
28
  - test/app/test_app.rb
29
29
  - test/test_all.rb
30
30
  - test/test_helper.rb
31
31
  homepage: http://github.com/britg/sinatra-cross_origin
32
32
  licenses: []
33
+ metadata: {}
33
34
  post_install_message:
34
35
  rdoc_options: []
35
36
  require_paths:
36
37
  - lib
37
38
  required_ruby_version: !ruby/object:Gem::Requirement
38
- none: false
39
39
  requirements:
40
- - - ! '>='
40
+ - - ">="
41
41
  - !ruby/object:Gem::Version
42
42
  version: '0'
43
43
  required_rubygems_version: !ruby/object:Gem::Requirement
44
- none: false
45
44
  requirements:
46
- - - ! '>='
45
+ - - ">="
47
46
  - !ruby/object:Gem::Version
48
47
  version: '0'
49
48
  requirements: []
50
49
  rubyforge_project:
51
- rubygems_version: 1.8.25
50
+ rubygems_version: 2.4.5.1
52
51
  signing_key:
53
- specification_version: 3
52
+ specification_version: 4
54
53
  summary: Cross Origin Resource Sharing helper for Sinatra
55
54
  test_files: []