Class: Rack::Authenticate::CORSMiddleware
- Inherits:
-
Object
- Object
- Rack::Authenticate::CORSMiddleware
- Defined in:
- lib/rack/authenticate/cors_middleware.rb
Constant Summary collapse
- ACCESS_CONTROL_MAX_AGE =
48 hours
60 * 60 * 48
Instance Method Summary collapse
- #call(env) ⇒ Object
- #cors_allowances(env) ⇒ Object
- #cors_preflight_request?(env) ⇒ Boolean
-
#initialize(app) ⇒ CORSMiddleware
constructor
A new instance of CORSMiddleware.
Constructor Details
#initialize(app) ⇒ CORSMiddleware
Returns a new instance of CORSMiddleware.
6 7 8 |
# File 'lib/rack/authenticate/cors_middleware.rb', line 6 def initialize(app) @app = app end |
Instance Method Details
#call(env) ⇒ Object
10 11 12 13 14 15 16 17 18 19 20 |
# File 'lib/rack/authenticate/cors_middleware.rb', line 10 def call(env) status, headers, body = if cors_preflight_request?(env) cors_allowances(env) else @app.call(env) end headers['Access-Control-Allow-Origin'] = env['HTTP_ORIGIN'] if env.has_key?('HTTP_ORIGIN') [status, headers, body] end |
#cors_allowances(env) ⇒ Object
27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/rack/authenticate/cors_middleware.rb', line 27 def cors_allowances(env) headers = { 'Access-Control-Allow-Origin' => env['HTTP_ORIGIN'], 'Access-Control-Allow-Methods' => env['HTTP_ACCESS_CONTROL_REQUEST_METHOD'], 'Access-Control-Allow-Credentials' => 'true', 'Access-Control-Max-Age' => ACCESS_CONTROL_MAX_AGE.to_s, 'Content-Type' => 'text/plain' } if env.has_key?('HTTP_ACCESS_CONTROL_REQUEST_HEADERS') headers['Access-Control-Allow-Headers'] = env['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'] end [200, headers, []] end |
#cors_preflight_request?(env) ⇒ Boolean
22 23 24 25 |
# File 'lib/rack/authenticate/cors_middleware.rb', line 22 def cors_preflight_request?(env) env['REQUEST_METHOD'] == 'OPTIONS' && %w[ HTTP_ACCESS_CONTROL_REQUEST_METHOD HTTP_ORIGIN ].all? { |k| env.has_key?(k) } end |