From ef6e79828d839a832304b454f19e9e43d23be9ee Mon Sep 17 00:00:00 2001
From: Yann Esposito <yann@vigiglobe.com>
Date: Wed, 14 Jan 2015 11:18:59 +0100
Subject: [PATCH] fix for firefox

---
 project.clj            |  2 +-
 src/fuck_cors/core.clj | 37 ++++++++++++++++++++-----------------
 2 files changed, 21 insertions(+), 18 deletions(-)

diff --git a/project.clj b/project.clj
index 47ee6e0..2b449e4 100644
--- a/project.clj
+++ b/project.clj
@@ -1,4 +1,4 @@
-(defproject fuck-cors "0.1.3"
+(defproject fuck-cors "0.1.4"
   :description "Fuck CORS and open all to everyone"
   :url "http://github.com/yogsototh/fuck-cors"
   :license {:name "MIT"
diff --git a/src/fuck_cors/core.clj b/src/fuck_cors/core.clj
index fadda77..919ab27 100644
--- a/src/fuck_cors/core.clj
+++ b/src/fuck_cors/core.clj
@@ -6,9 +6,9 @@
        "://"
        (get-in request [:headers "host"])))
 
-(defn- get-referer
-  [request]
-  (let [rawref (get-in request [:headers "referer"])]
+(defn- get-header
+  [request header-name]
+  (let [rawref (get-in request [:headers header-name])]
     (if rawref
         (clojure.string/replace rawref #"(http://[^/]*).*$" "$1")
         nil)))
@@ -16,17 +16,20 @@
 (defn wrap-open-cors
   "Open your Origin Policy to Everybody, no limit"
   [handler]
- (fn [request]
-   (let [referer (get-referer request)
-         host (host-from-req request)
-         origins (if referer
-                   referer
-                   host)
-         headers {"Access-Control-Allow-Origin" origins
-                  "Access-Control-Allow-Headers" "Origin, X-Served-By, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Language, Accept-Encoding, Authorization"
-                  "Access-Control-Allow-Methods" "HEAD, GET, POST, PUT, DELETE, OPTIONS, TRACE"
-                  "Access-Control-Allow-Credentials" "true"
-                  "Access-Control-Expose-Headers" "content-length"
-                  "Vary" "Accept-Encoding, Origin, Accept-Language"}]
-     (-> (handler request)
-         (update-in [:headers] #(into % headers))))))
+  (fn [request]
+    (let [origin (get-header "origin")
+          referer (get-header "referer")
+          host (host-from-req request)
+          origins (if origin
+                    origin
+                    (if referer
+                      referer
+                      host))
+          headers {"Access-Control-Allow-Origin" origins
+                   "Access-Control-Allow-Headers" "Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Language, Accept-Encoding, Authorization"
+                   "Access-Control-Allow-Methods" "HEAD, GET, POST, PUT, DELETE, OPTIONS, TRACE"
+                   "Access-Control-Allow-Credentials" "true"
+                   "Access-Control-Expose-Headers" "content-length"
+                   "Vary" "Accept-Encoding, Origin, Accept-Language"}]
+      (-> (handler request)
+          (update-in [:headers] #(into % headers))))))