initial commit
This commit is contained in:
commit
f6c512f78d
7 changed files with 117 additions and 0 deletions
9
.gitignore
vendored
Normal file
9
.gitignore
vendored
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
/target
|
||||||
|
/classes
|
||||||
|
/checkouts
|
||||||
|
pom.xml
|
||||||
|
pom.xml.asc
|
||||||
|
*.jar
|
||||||
|
*.class
|
||||||
|
/.lein-*
|
||||||
|
/.nrepl-port
|
21
LICENSE
Normal file
21
LICENSE
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
The MIT License (MIT)
|
||||||
|
|
||||||
|
Copyright (c) 2014 Yann Esposito
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
of this software and associated documentation files (the "Software"), to deal
|
||||||
|
in the Software without restriction, including without limitation the rights
|
||||||
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
copies of the Software, and to permit persons to whom the Software is
|
||||||
|
furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in
|
||||||
|
all copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
THE SOFTWARE.
|
39
README.md
Normal file
39
README.md
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
# fuck-cors
|
||||||
|
|
||||||
|
A Clojure library designed to fuck CORS and open your API completely.
|
||||||
|
So all AJAX Call should alway works, be it with cookies or not.
|
||||||
|
|
||||||
|
In which case should you use this library:
|
||||||
|
|
||||||
|
1. You don't have time to think and want something that just works.
|
||||||
|
2. You don't mind much about security.
|
||||||
|
3. You hate CORS but want to be able to make Ajax call Cross website.
|
||||||
|
|
||||||
|
## Why?
|
||||||
|
|
||||||
|
[Some Men Just Want to Watch the World Burn](http://knowyourmeme.com/memes/some-men-just-want-to-watch-the-world-burn)
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Add
|
||||||
|
|
||||||
|
~~~
|
||||||
|
[fuck-cors 0.1.0]
|
||||||
|
~~~
|
||||||
|
|
||||||
|
to your `project.clj`.
|
||||||
|
|
||||||
|
Then
|
||||||
|
|
||||||
|
~~~
|
||||||
|
(:require [fuck-cors.core :refer [wrap-open-cors])
|
||||||
|
~~~
|
||||||
|
|
||||||
|
And use `wrap-open-cors` as middleware.
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
Copyright © 2014 Yann Esposito
|
||||||
|
|
||||||
|
Distributed under the Eclipse Public License either version 1.0 or (at
|
||||||
|
your option) any later version.
|
3
doc/intro.md
Normal file
3
doc/intro.md
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
# Introduction to fuck-cors
|
||||||
|
|
||||||
|
TODO: write [great documentation](http://jacobian.org/writing/what-to-write/)
|
6
project.clj
Normal file
6
project.clj
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
(defproject fuck-cors "0.1.0-SNAPSHOT"
|
||||||
|
:description "Fuck CORS and open all to everyone"
|
||||||
|
:url "http://github.com/yogsototh/fuck-cors"
|
||||||
|
:license {:name "MIT"
|
||||||
|
:url "http://opensource.org/licences/MIT"}
|
||||||
|
:dependencies [[org.clojure/clojure "1.6.0"]])
|
32
src/fuck_cors/core.clj
Normal file
32
src/fuck_cors/core.clj
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
(ns fuck-cors.core)
|
||||||
|
|
||||||
|
(defn- host-from-req
|
||||||
|
[request]
|
||||||
|
(str (-> request :scheme name)
|
||||||
|
"://"
|
||||||
|
(get-in request [:headers "host"])))
|
||||||
|
|
||||||
|
(defn- get-referer
|
||||||
|
[request]
|
||||||
|
(let [rawref (get-in request [:headers "referer"])]
|
||||||
|
(if rawref
|
||||||
|
(clojure.string/replace rawref #"(http://[^/]*).*$" "$1")
|
||||||
|
nil)))
|
||||||
|
|
||||||
|
(defn wrap-open-cors
|
||||||
|
"Open your Origin Policy to Everybody, no limit"
|
||||||
|
[handler]
|
||||||
|
(fn [request]
|
||||||
|
(let [referer (get-referer request)
|
||||||
|
host (host-from-req request)
|
||||||
|
origins (if referer
|
||||||
|
referer
|
||||||
|
host)
|
||||||
|
headers {"Access-Control-Allow-Origin" origins
|
||||||
|
"Access-Control-Allow-Headers" "Origin, X-Requested-With, Content-Type, Accept, Cache-Control"
|
||||||
|
"Access-Control-Allow-Methods" "HEAD, GET, POST, PUT, DELETE, OPTIONS, TRACE"
|
||||||
|
"Access-Control-Allow-Credentials" "true"
|
||||||
|
"Access-Control-Expose-Headers" "content-length"
|
||||||
|
"Vary" "Accept-Encoding, Origin"}]
|
||||||
|
(-> (handler request)
|
||||||
|
(update-in [:headers] #(into % headers))))))
|
7
test/fuck_cors/core_test.clj
Normal file
7
test/fuck_cors/core_test.clj
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
(ns fuck-cors.core-test
|
||||||
|
(:require [clojure.test :refer :all]
|
||||||
|
[fuck-cors.core :refer :all]))
|
||||||
|
|
||||||
|
(deftest a-test
|
||||||
|
(testing "FIXME, I fail."
|
||||||
|
(is (= 0 1))))
|
Loading…
Reference in a new issue