sinatra-cross_origin 0.3.2 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/README.markdown +21 -0
- data/VERSION +1 -1
- data/lib/sinatra/cross_origin.rb +18 -5
- data/sinatra-cross_origin.gemspec +6 -13
- data/test/app/all_routes.rb +11 -0
- data/test/app/test_app.rb +10 -0
- data/test/test_all.rb +51 -0
- data/test/test_helper.rb +1 -0
- metadata +8 -9
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: a03f46718e570af93fa1d0cc8deb518cd097b500
|
4
|
+
data.tar.gz: cb246d9e4800eae895b7188e7b7595072a231c11
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 8af36732566a4e47ba78cea2d78405d24a0c7093261bd72623ad897df7a488a474f9e3183f228ed6c042995d5bfe782aa46874e81675970d28630fe9c72cf433
|
7
|
+
data.tar.gz: e0fbac867b3bc687bc4721f92c3b17a4dcacb286b9e7fbf128beb032ae9d93a3954e191f588c5ecbb846e4cacb7730b275daee2dd6f4683bf5aec4988d60a363
|
data/README.markdown
CHANGED
@@ -23,6 +23,12 @@ To only enable cross origin requests for certain routes:
|
|
23
23
|
"This is available to cross-origin javascripts"
|
24
24
|
end
|
25
25
|
|
26
|
+
If you're using a modular application, remember to register this extension:
|
27
|
+
|
28
|
+
``` ruby
|
29
|
+
register Sinatra::CrossOrigin
|
30
|
+
```
|
31
|
+
|
26
32
|
## Global Configuration
|
27
33
|
|
28
34
|
You can set global options via the normal Sinatra set method:
|
@@ -44,6 +50,21 @@ You can change configuration options on the fly within routes with:
|
|
44
50
|
"My custom cross origin response"
|
45
51
|
end
|
46
52
|
|
53
|
+
## Responding to `OPTIONS`
|
54
|
+
Many browsers send an `OPTIONS` request to a server before performing a CORS request (this is part of [the specification for CORS](http://www.w3.org/TR/cors/) ). These sorts of requests are called [preflight requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Preflighted_requests). Without a valid response to an `OPTIONS` request, a browser may refuse to make a CORS request (and complain that the CORS request violates the same-origin policy).
|
55
|
+
|
56
|
+
Currently, this gem does not properly respond to `OPTIONS` requests. See [this issue](https://github.com/britg/sinatra-cross_origin/issues/18). You may have to add code like this in order to make your app properly respond to `OPTIONS` requests:
|
57
|
+
|
58
|
+
options "*" do
|
59
|
+
response.headers["Allow"] = "HEAD,GET,PUT,POST,DELETE,OPTIONS"
|
60
|
+
|
61
|
+
response.headers["Access-Control-Allow-Headers"] = "X-Requested-With, X-HTTP-Method-Override, Content-Type, Cache-Control, Accept"
|
62
|
+
|
63
|
+
200
|
64
|
+
end
|
65
|
+
|
66
|
+
|
67
|
+
|
47
68
|
## License
|
48
69
|
Copyright (c) 2007, 2008, 2009 Brit Gardner
|
49
70
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.
|
1
|
+
0.4.0
|
data/lib/sinatra/cross_origin.rb
CHANGED
@@ -26,10 +26,26 @@ module Sinatra
|
|
26
26
|
# from global config or custom config passed
|
27
27
|
# as a hash
|
28
28
|
def cross_origin(hash=nil)
|
29
|
-
|
29
|
+
request_origin = request.env['HTTP_ORIGIN']
|
30
|
+
return unless request_origin
|
30
31
|
settings.set hash if hash
|
31
32
|
|
32
|
-
|
33
|
+
if settings.allow_origin == :any
|
34
|
+
origin = request_origin
|
35
|
+
else
|
36
|
+
allowed_origins = *settings.allow_origin # make sure its an array
|
37
|
+
origin = allowed_origins.join('|') # we'll return this unless allowed
|
38
|
+
|
39
|
+
allowed_origins.each do |allowed_origin|
|
40
|
+
if allowed_origin.is_a?(Regexp) ?
|
41
|
+
request_origin =~ allowed_origin :
|
42
|
+
request_origin == allowed_origin
|
43
|
+
origin = request_origin
|
44
|
+
break
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
33
49
|
methods = settings.allow_methods.map{ |m| m.to_s.upcase! }.join(', ')
|
34
50
|
|
35
51
|
headers_list = {
|
@@ -63,7 +79,4 @@ module Sinatra
|
|
63
79
|
|
64
80
|
end
|
65
81
|
end
|
66
|
-
|
67
|
-
register CrossOrigin
|
68
|
-
|
69
82
|
end
|
@@ -2,14 +2,16 @@
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
|
+
# stub: sinatra-cross_origin 0.4.0 ruby lib
|
5
6
|
|
6
7
|
Gem::Specification.new do |s|
|
7
8
|
s.name = "sinatra-cross_origin"
|
8
|
-
s.version = "0.
|
9
|
+
s.version = "0.4.0"
|
9
10
|
|
10
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
12
|
+
s.require_paths = ["lib"]
|
11
13
|
s.authors = ["Brit Gardner"]
|
12
|
-
s.date = "
|
14
|
+
s.date = "2016-10-20"
|
13
15
|
s.description = "Cross Origin Resource Sharing helper for Sinatra"
|
14
16
|
s.email = "brit@britg.com"
|
15
17
|
s.extra_rdoc_files = [
|
@@ -23,22 +25,13 @@ Gem::Specification.new do |s|
|
|
23
25
|
"VERSION",
|
24
26
|
"lib/sinatra/cross_origin.rb",
|
25
27
|
"sinatra-cross_origin.gemspec",
|
28
|
+
"test/app/all_routes.rb",
|
26
29
|
"test/app/test_app.rb",
|
27
30
|
"test/test_all.rb",
|
28
31
|
"test/test_helper.rb"
|
29
32
|
]
|
30
33
|
s.homepage = "http://github.com/britg/sinatra-cross_origin"
|
31
|
-
s.
|
32
|
-
s.rubygems_version = "1.8.25"
|
34
|
+
s.rubygems_version = "2.4.5.1"
|
33
35
|
s.summary = "Cross Origin Resource Sharing helper for Sinatra"
|
34
|
-
|
35
|
-
if s.respond_to? :specification_version then
|
36
|
-
s.specification_version = 3
|
37
|
-
|
38
|
-
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
39
|
-
else
|
40
|
-
end
|
41
|
-
else
|
42
|
-
end
|
43
36
|
end
|
44
37
|
|
data/test/app/test_app.rb
CHANGED
@@ -26,6 +26,16 @@ class TestApp < Sinatra::Base
|
|
26
26
|
"Allowing any origin"
|
27
27
|
end
|
28
28
|
|
29
|
+
get '/allow_multiple_origins' do
|
30
|
+
cross_origin :allow_origin => ['http://example.com', 'http://example2.com']
|
31
|
+
"Allowing multiple origins"
|
32
|
+
end
|
33
|
+
|
34
|
+
get '/allow_multiple_origins_with_reg_ex' do
|
35
|
+
cross_origin :allow_origin => ['http://example.com', /http:\/\/(?:sub-1|sub-2)\.example\.com/]
|
36
|
+
"Allowing multiple origins with regular expressions"
|
37
|
+
end
|
38
|
+
|
29
39
|
get '/allow_methods' do
|
30
40
|
cross_origin :allow_methods => params[:methods].split(', ')
|
31
41
|
"Allowing methods"
|
data/test/test_all.rb
CHANGED
@@ -41,6 +41,30 @@ class HelloTest < Test::Unit::TestCase
|
|
41
41
|
assert_equal 'http://example.com', last_response.headers['Access-Control-Allow-Origin']
|
42
42
|
end
|
43
43
|
|
44
|
+
def test_allow_multiple_origins
|
45
|
+
get '/allow_multiple_origins', {}, {'HTTP_ORIGIN' => 'http://example.com'}
|
46
|
+
assert last_response.ok?
|
47
|
+
assert_equal 'http://example.com', last_response.headers['Access-Control-Allow-Origin']
|
48
|
+
|
49
|
+
get '/allow_multiple_origins', {}, {'HTTP_ORIGIN' => 'http://example2.com'}
|
50
|
+
assert last_response.ok?
|
51
|
+
assert_equal 'http://example2.com', last_response.headers['Access-Control-Allow-Origin']
|
52
|
+
|
53
|
+
get '/allow_multiple_origins', {}, {'HTTP_ORIGIN' => 'http://example3.com'}
|
54
|
+
assert last_response.ok?
|
55
|
+
assert_equal 'http://example.com|http://example2.com', last_response.headers['Access-Control-Allow-Origin']
|
56
|
+
end
|
57
|
+
|
58
|
+
def test_allow_multiple_origins_with_reg_ex
|
59
|
+
get '/allow_multiple_origins_with_reg_ex', {}, {'HTTP_ORIGIN' => 'http://example.com'}
|
60
|
+
assert last_response.ok?
|
61
|
+
assert_equal 'http://example.com', last_response.headers['Access-Control-Allow-Origin']
|
62
|
+
|
63
|
+
get '/allow_multiple_origins_with_reg_ex', {}, {'HTTP_ORIGIN' => 'http://sub-1.example.com'}
|
64
|
+
assert last_response.ok?
|
65
|
+
assert_equal 'http://sub-1.example.com', last_response.headers['Access-Control-Allow-Origin']
|
66
|
+
end
|
67
|
+
|
44
68
|
def test_allow_methods
|
45
69
|
get '/allow_methods', {:methods=>'get, post'}, {'HTTP_ORIGIN' => 'http://localhost'}
|
46
70
|
assert last_response.ok?
|
@@ -66,3 +90,30 @@ class HelloTest < Test::Unit::TestCase
|
|
66
90
|
end
|
67
91
|
|
68
92
|
end
|
93
|
+
|
94
|
+
class AllRoutesTest < Test::Unit::TestCase
|
95
|
+
include Rack::Test::Methods
|
96
|
+
|
97
|
+
def app
|
98
|
+
AllRoutesApp
|
99
|
+
end
|
100
|
+
|
101
|
+
def test_it_says_hello
|
102
|
+
get '/'
|
103
|
+
assert last_response.ok?
|
104
|
+
assert_equal 'Hello', last_response.body
|
105
|
+
end
|
106
|
+
|
107
|
+
def test_cross_origin_is_silent_on_same_origin_request
|
108
|
+
get '/'
|
109
|
+
assert last_response.ok?
|
110
|
+
assert_equal nil, last_response.headers['Access-Control-Allow-Origin']
|
111
|
+
end
|
112
|
+
|
113
|
+
def test_allow_any_origin
|
114
|
+
get '/', {}, {'HTTP_ORIGIN' => 'http://localhost'}
|
115
|
+
assert last_response.ok?
|
116
|
+
assert_equal 'http://localhost', last_response.headers['Access-Control-Allow-Origin']
|
117
|
+
end
|
118
|
+
|
119
|
+
end
|
data/test/test_helper.rb
CHANGED
metadata
CHANGED
@@ -1,15 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sinatra-cross_origin
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
5
|
-
prerelease:
|
4
|
+
version: 0.4.0
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- Brit Gardner
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date:
|
11
|
+
date: 2016-10-20 00:00:00.000000000 Z
|
13
12
|
dependencies: []
|
14
13
|
description: Cross Origin Resource Sharing helper for Sinatra
|
15
14
|
email: brit@britg.com
|
@@ -25,31 +24,31 @@ files:
|
|
25
24
|
- VERSION
|
26
25
|
- lib/sinatra/cross_origin.rb
|
27
26
|
- sinatra-cross_origin.gemspec
|
27
|
+
- test/app/all_routes.rb
|
28
28
|
- test/app/test_app.rb
|
29
29
|
- test/test_all.rb
|
30
30
|
- test/test_helper.rb
|
31
31
|
homepage: http://github.com/britg/sinatra-cross_origin
|
32
32
|
licenses: []
|
33
|
+
metadata: {}
|
33
34
|
post_install_message:
|
34
35
|
rdoc_options: []
|
35
36
|
require_paths:
|
36
37
|
- lib
|
37
38
|
required_ruby_version: !ruby/object:Gem::Requirement
|
38
|
-
none: false
|
39
39
|
requirements:
|
40
|
-
- -
|
40
|
+
- - ">="
|
41
41
|
- !ruby/object:Gem::Version
|
42
42
|
version: '0'
|
43
43
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
44
|
-
none: false
|
45
44
|
requirements:
|
46
|
-
- -
|
45
|
+
- - ">="
|
47
46
|
- !ruby/object:Gem::Version
|
48
47
|
version: '0'
|
49
48
|
requirements: []
|
50
49
|
rubyforge_project:
|
51
|
-
rubygems_version:
|
50
|
+
rubygems_version: 2.4.5.1
|
52
51
|
signing_key:
|
53
|
-
specification_version:
|
52
|
+
specification_version: 4
|
54
53
|
summary: Cross Origin Resource Sharing helper for Sinatra
|
55
54
|
test_files: []
|