From f6c512f78d1c52d012e381d2e4c9d97d9f6f8b79 Mon Sep 17 00:00:00 2001
From: "Yann Esposito (Yogsototh)"
Date: Thu, 25 Sep 2014 00:23:17 +0200
Subject: [PATCH] initial commit
---
.gitignore | 9 +++++++++
LICENSE | 21 +++++++++++++++++++
README.md | 39 ++++++++++++++++++++++++++++++++++++
doc/intro.md | 3 +++
project.clj | 6 ++++++
src/fuck_cors/core.clj | 32 +++++++++++++++++++++++++++++
test/fuck_cors/core_test.clj | 7 +++++++
7 files changed, 117 insertions(+)
create mode 100644 .gitignore
create mode 100644 LICENSE
create mode 100644 README.md
create mode 100644 doc/intro.md
create mode 100644 project.clj
create mode 100644 src/fuck_cors/core.clj
create mode 100644 test/fuck_cors/core_test.clj
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e04714b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,9 @@
+/target
+/classes
+/checkouts
+pom.xml
+pom.xml.asc
+*.jar
+*.class
+/.lein-*
+/.nrepl-port
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..8b73c32
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Yann Esposito
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..cf820e6
--- /dev/null
+++ b/README.md
@@ -0,0 +1,39 @@
+# fuck-cors
+
+A Clojure library designed to fuck CORS and open your API completely.
+So all AJAX Call should alway works, be it with cookies or not.
+
+In which case should you use this library:
+
+1. You don't have time to think and want something that just works.
+2. You don't mind much about security.
+3. You hate CORS but want to be able to make Ajax call Cross website.
+
+## Why?
+
+[Some Men Just Want to Watch the World Burn](http://knowyourmeme.com/memes/some-men-just-want-to-watch-the-world-burn)
+
+## Usage
+
+Add
+
+~~~
+[fuck-cors 0.1.0]
+~~~
+
+to your `project.clj`.
+
+Then
+
+~~~
+(:require [fuck-cors.core :refer [wrap-open-cors])
+~~~
+
+And use `wrap-open-cors` as middleware.
+
+## License
+
+Copyright © 2014 Yann Esposito
+
+Distributed under the Eclipse Public License either version 1.0 or (at
+your option) any later version.
diff --git a/doc/intro.md b/doc/intro.md
new file mode 100644
index 0000000..285a218
--- /dev/null
+++ b/doc/intro.md
@@ -0,0 +1,3 @@
+# Introduction to fuck-cors
+
+TODO: write [great documentation](http://jacobian.org/writing/what-to-write/)
diff --git a/project.clj b/project.clj
new file mode 100644
index 0000000..e46248e
--- /dev/null
+++ b/project.clj
@@ -0,0 +1,6 @@
+(defproject fuck-cors "0.1.0-SNAPSHOT"
+ :description "Fuck CORS and open all to everyone"
+ :url "http://github.com/yogsototh/fuck-cors"
+ :license {:name "MIT"
+ :url "http://opensource.org/licences/MIT"}
+ :dependencies [[org.clojure/clojure "1.6.0"]])
diff --git a/src/fuck_cors/core.clj b/src/fuck_cors/core.clj
new file mode 100644
index 0000000..3ff544b
--- /dev/null
+++ b/src/fuck_cors/core.clj
@@ -0,0 +1,32 @@
+(ns fuck-cors.core)
+
+(defn- host-from-req
+ [request]
+ (str (-> request :scheme name)
+ "://"
+ (get-in request [:headers "host"])))
+
+(defn- get-referer
+ [request]
+ (let [rawref (get-in request [:headers "referer"])]
+ (if rawref
+ (clojure.string/replace rawref #"(http://[^/]*).*$" "$1")
+ nil)))
+
+(defn wrap-open-cors
+ "Open your Origin Policy to Everybody, no limit"
+ [handler]
+ (fn [request]
+ (let [referer (get-referer request)
+ host (host-from-req request)
+ origins (if referer
+ referer
+ host)
+ headers {"Access-Control-Allow-Origin" origins
+ "Access-Control-Allow-Headers" "Origin, X-Requested-With, Content-Type, Accept, Cache-Control"
+ "Access-Control-Allow-Methods" "HEAD, GET, POST, PUT, DELETE, OPTIONS, TRACE"
+ "Access-Control-Allow-Credentials" "true"
+ "Access-Control-Expose-Headers" "content-length"
+ "Vary" "Accept-Encoding, Origin"}]
+ (-> (handler request)
+ (update-in [:headers] #(into % headers))))))
diff --git a/test/fuck_cors/core_test.clj b/test/fuck_cors/core_test.clj
new file mode 100644
index 0000000..3584aa8
--- /dev/null
+++ b/test/fuck_cors/core_test.clj
@@ -0,0 +1,7 @@
+(ns fuck-cors.core-test
+ (:require [clojure.test :refer :all]
+ [fuck-cors.core :refer :all]))
+
+(deftest a-test
+ (testing "FIXME, I fail."
+ (is (= 0 1))))
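Review bot: In `wrap-open-cors` (src/fuck_cors/core.clj), `Access-Control-Allow-Origin` is built from the request's own `referer` header and sent together with `Access-Control-Allow-Credentials` `"true"`, so every origin is granted credentialed read access to any cookie-authenticated API wrapped with this middleware. `get-referer` also matches only `http://`, so an `https` Referer is passed through whole (path included) and is not a valid origin value, and `clojure.string` is used without a `:require` in the `ns` form. I would read the `origin` request header instead and echo it only when it is in a set supplied by the caller, leaving the response untouched otherwise; the sketch below shows the changed lines, with the remaining header entries as in the hunk. If the fully open behaviour is kept on purpose, the docstring should at least say that credentials are allowed for every origin.

```clojure
(defn wrap-open-cors
  "Adds CORS headers only for origins in `allowed-origins`
  (a set of exact origin strings); other responses are returned unchanged."
  [handler allowed-origins]
  (fn [request]
    (let [origin   (get-in request [:headers "origin"])
          response (handler request)]
      (if (contains? allowed-origins origin)
        (update-in response [:headers]
                   #(into (or % {})
                          {"Access-Control-Allow-Origin" origin
                           "Access-Control-Allow-Credentials" "true"
                           ;; … unchanged: Allow-Headers, Allow-Methods, Expose-Headers …
                           "Vary" "Accept-Encoding, Origin"}))
        response))))
```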