Home Explore Help
Sign In
bux
/
tracim_v2
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
175 Commits
1 Branches
Tree: df91e6b47a
tracim_v2/tracim/lib/utils/cors.py

cors.py 2.5KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. # -*- coding: utf-8 -*-

  2. # INFO - G.M -17-05-2018 - CORS support

  3. # original code from https://gist.github.com/mmerickel/1afaf64154b335b596e4

  4. # see also

  5. # here : https://groups.google.com/forum/#!topic/pylons-discuss/2Sw4OkOnZcE

  6. from pyramid.events import NewResponse

  7. 

  8. 

  9. def add_cors_support(config):

  10.     # INFO - G.M - 17-05-2018 - CORS Preflight stuff (special requests)

  11.     config.add_directive(

  12.         'add_cors_preflight_handler',

  13.         add_cors_preflight_handler

  14.     )

  15.     config.add_route_predicate('cors_preflight', CorsPreflightPredicate)

  16. 

  17.     # INFO - G.M - 17-05-2018 CORS Headers for all responses

  18.     config.add_subscriber(add_cors_to_response, NewResponse)

  19. 

  20. 

  21. class CorsPreflightPredicate(object):

  22.     def __init__(self, val, config):

  23.         self.val = val

  24. 

  25.     def text(self):

  26.         return 'cors_preflight = %s' % bool(self.val)

  27. 

  28.     phash = text

  29. 

  30.     def __call__(self, context, request):

  31.         if not self.val:

  32.             return False

  33.         return (

  34.             request.method == 'OPTIONS' and

  35.             'Origin' in request.headers and

  36.             'Access-Control-Request-Method' in request.headers

  37.         )

  38. 

  39. 

  40. def add_cors_preflight_handler(config):

  41.     # INFO - G.M - 17-05-2018 - Add route for CORS preflight

  42.     # see https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request

  43.     # for more info about preflight

  44. 

  45.     config.add_route(

  46.         'cors-options-preflight', '/{catch_all:.*}',

  47.         cors_preflight=True,

  48.     )

  49.     config.add_view(

  50.         cors_options_view,

  51.         route_name='cors-options-preflight',

  52.     )

  53. 

  54. 

  55. def cors_options_view(context, request):

  56.     response = request.response

  57.     if 'Access-Control-Request-Headers' in request.headers:

  58.         response.headers['Access-Control-Allow-Methods'] = (

  59.             'OPTIONS,HEAD,GET,POST,PUT,DELETE'

  60.         )

  61.     response.headers['Access-Control-Allow-Headers'] = (

  62.         'Content-Type,Accept,Accept-Language,Authorization,X-Request-ID'

  63.     )

  64.     return response

  65. 

  66. 

  67. def add_cors_to_response(event):

  68.     # INFO - G.M - 17-05-2018 - Add some CORS headers to all requests

  69.     request = event.request

  70.     response = event.response

  71.     if 'Origin' in request.headers:

  72.         response.headers['Access-Control-Expose-Headers'] = (

  73.             'Content-Type,Date,Content-Length,Authorization,X-Request-ID'

  74.         )

  75.         # TODO - G.M - 17-05-2018 - Allow to configure this header in config

  76.         response.headers['Access-Control-Allow-Origin'] = '*'

  77.         response.headers['Access-Control-Allow-Credentials'] = 'true'