fix for firefox
This commit is contained in:
parent
9326a43b3c
commit
ef6e79828d
2 changed files with 21 additions and 18 deletions
|
@ -1,4 +1,4 @@
|
||||||
(defproject fuck-cors "0.1.3"
|
(defproject fuck-cors "0.1.4"
|
||||||
:description "Fuck CORS and open all to everyone"
|
:description "Fuck CORS and open all to everyone"
|
||||||
:url "http://github.com/yogsototh/fuck-cors"
|
:url "http://github.com/yogsototh/fuck-cors"
|
||||||
:license {:name "MIT"
|
:license {:name "MIT"
|
||||||
|
|
|
@ -6,9 +6,9 @@
|
||||||
"://"
|
"://"
|
||||||
(get-in request [:headers "host"])))
|
(get-in request [:headers "host"])))
|
||||||
|
|
||||||
(defn- get-referer
|
(defn- get-header
|
||||||
[request]
|
[request header-name]
|
||||||
(let [rawref (get-in request [:headers "referer"])]
|
(let [rawref (get-in request [:headers header-name])]
|
||||||
(if rawref
|
(if rawref
|
||||||
(clojure.string/replace rawref #"(http://[^/]*).*$" "$1")
|
(clojure.string/replace rawref #"(http://[^/]*).*$" "$1")
|
||||||
nil)))
|
nil)))
|
||||||
|
@ -16,17 +16,20 @@
|
||||||
(defn wrap-open-cors
|
(defn wrap-open-cors
|
||||||
"Open your Origin Policy to Everybody, no limit"
|
"Open your Origin Policy to Everybody, no limit"
|
||||||
[handler]
|
[handler]
|
||||||
(fn [request]
|
(fn [request]
|
||||||
(let [referer (get-referer request)
|
(let [origin (get-header "origin")
|
||||||
host (host-from-req request)
|
referer (get-header "referer")
|
||||||
origins (if referer
|
host (host-from-req request)
|
||||||
referer
|
origins (if origin
|
||||||
host)
|
origin
|
||||||
headers {"Access-Control-Allow-Origin" origins
|
(if referer
|
||||||
"Access-Control-Allow-Headers" "Origin, X-Served-By, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Language, Accept-Encoding, Authorization"
|
referer
|
||||||
"Access-Control-Allow-Methods" "HEAD, GET, POST, PUT, DELETE, OPTIONS, TRACE"
|
host))
|
||||||
"Access-Control-Allow-Credentials" "true"
|
headers {"Access-Control-Allow-Origin" origins
|
||||||
"Access-Control-Expose-Headers" "content-length"
|
"Access-Control-Allow-Headers" "Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Language, Accept-Encoding, Authorization"
|
||||||
"Vary" "Accept-Encoding, Origin, Accept-Language"}]
|
"Access-Control-Allow-Methods" "HEAD, GET, POST, PUT, DELETE, OPTIONS, TRACE"
|
||||||
(-> (handler request)
|
"Access-Control-Allow-Credentials" "true"
|
||||||
(update-in [:headers] #(into % headers))))))
|
"Access-Control-Expose-Headers" "content-length"
|
||||||
|
"Vary" "Accept-Encoding, Origin, Accept-Language"}]
|
||||||
|
(-> (handler request)
|
||||||
|
(update-in [:headers] #(into % headers))))))
|
||||||
|
|
Loading…
Reference in a new issue