initial commit
This commit is contained in:
commit
f6c512f78d
7 changed files with 117 additions and 0 deletions
9
.gitignore
vendored
Normal file
9
.gitignore
vendored
Normal file
|
@ -0,0 +1,9 @@
|
|||
/target
|
||||
/classes
|
||||
/checkouts
|
||||
pom.xml
|
||||
pom.xml.asc
|
||||
*.jar
|
||||
*.class
|
||||
/.lein-*
|
||||
/.nrepl-port
|
21
LICENSE
Normal file
21
LICENSE
Normal file
|
@ -0,0 +1,21 @@
|
|||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2014 Yann Esposito
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
39
README.md
Normal file
39
README.md
Normal file
|
@ -0,0 +1,39 @@
|
|||
# fuck-cors
|
||||
|
||||
A Clojure library designed to fuck CORS and open your API completely.
|
||||
So all AJAX Call should alway works, be it with cookies or not.
|
||||
|
||||
In which case should you use this library:
|
||||
|
||||
1. You don't have time to think and want something that just works.
|
||||
2. You don't mind much about security.
|
||||
3. You hate CORS but want to be able to make Ajax call Cross website.
|
||||
|
||||
## Why?
|
||||
|
||||
[Some Men Just Want to Watch the World Burn](http://knowyourmeme.com/memes/some-men-just-want-to-watch-the-world-burn)
|
||||
|
||||
## Usage
|
||||
|
||||
Add
|
||||
|
||||
~~~
|
||||
[fuck-cors 0.1.0]
|
||||
~~~
|
||||
|
||||
to your `project.clj`.
|
||||
|
||||
Then
|
||||
|
||||
~~~
|
||||
(:require [fuck-cors.core :refer [wrap-open-cors])
|
||||
~~~
|
||||
|
||||
And use `wrap-open-cors` as middleware.
|
||||
|
||||
## License
|
||||
|
||||
Copyright © 2014 Yann Esposito
|
||||
|
||||
Distributed under the Eclipse Public License either version 1.0 or (at
|
||||
your option) any later version.
|
3
doc/intro.md
Normal file
3
doc/intro.md
Normal file
|
@ -0,0 +1,3 @@
|
|||
# Introduction to fuck-cors
|
||||
|
||||
TODO: write [great documentation](http://jacobian.org/writing/what-to-write/)
|
6
project.clj
Normal file
6
project.clj
Normal file
|
@ -0,0 +1,6 @@
|
|||
(defproject fuck-cors "0.1.0-SNAPSHOT"
|
||||
:description "Fuck CORS and open all to everyone"
|
||||
:url "http://github.com/yogsototh/fuck-cors"
|
||||
:license {:name "MIT"
|
||||
:url "http://opensource.org/licences/MIT"}
|
||||
:dependencies [[org.clojure/clojure "1.6.0"]])
|
32
src/fuck_cors/core.clj
Normal file
32
src/fuck_cors/core.clj
Normal file
|
@ -0,0 +1,32 @@
|
|||
(ns fuck-cors.core)
|
||||
|
||||
(defn- host-from-req
|
||||
[request]
|
||||
(str (-> request :scheme name)
|
||||
"://"
|
||||
(get-in request [:headers "host"])))
|
||||
|
||||
(defn- get-referer
|
||||
[request]
|
||||
(let [rawref (get-in request [:headers "referer"])]
|
||||
(if rawref
|
||||
(clojure.string/replace rawref #"(http://[^/]*).*$" "$1")
|
||||
nil)))
|
||||
|
||||
(defn wrap-open-cors
|
||||
"Open your Origin Policy to Everybody, no limit"
|
||||
[handler]
|
||||
(fn [request]
|
||||
(let [referer (get-referer request)
|
||||
host (host-from-req request)
|
||||
origins (if referer
|
||||
referer
|
||||
host)
|
||||
headers {"Access-Control-Allow-Origin" origins
|
||||
"Access-Control-Allow-Headers" "Origin, X-Requested-With, Content-Type, Accept, Cache-Control"
|
||||
"Access-Control-Allow-Methods" "HEAD, GET, POST, PUT, DELETE, OPTIONS, TRACE"
|
||||
"Access-Control-Allow-Credentials" "true"
|
||||
"Access-Control-Expose-Headers" "content-length"
|
||||
"Vary" "Accept-Encoding, Origin"}]
|
||||
(-> (handler request)
|
||||
(update-in [:headers] #(into % headers))))))
|
7
test/fuck_cors/core_test.clj
Normal file
7
test/fuck_cors/core_test.clj
Normal file
|
@ -0,0 +1,7 @@
|
|||
(ns fuck-cors.core-test
|
||||
(:require [clojure.test :refer :all]
|
||||
[fuck-cors.core :refer :all]))
|
||||
|
||||
(deftest a-test
|
||||
(testing "FIXME, I fail."
|
||||
(is (= 0 1))))
|
Loading…
Reference in a new issue