equal
deleted
inserted
replaced
24 server.set_option("buffer_size_limit", module:get_option_number("http_max_buffer_size")); |
24 server.set_option("buffer_size_limit", module:get_option_number("http_max_buffer_size")); |
25 |
25 |
26 -- CORS settigs |
26 -- CORS settigs |
27 local opt_methods = module:get_option_set("access_control_allow_methods", { "GET", "OPTIONS" }); |
27 local opt_methods = module:get_option_set("access_control_allow_methods", { "GET", "OPTIONS" }); |
28 local opt_headers = module:get_option_set("access_control_allow_headers", { "Content-Type" }); |
28 local opt_headers = module:get_option_set("access_control_allow_headers", { "Content-Type" }); |
|
29 local opt_credentials = module:get_option_boolean("access_control_allow_credentials", false); |
29 local opt_max_age = module:get_option_number("access_control_max_age", 2 * 60 * 60); |
30 local opt_max_age = module:get_option_number("access_control_max_age", 2 * 60 * 60); |
30 |
31 |
31 local function get_http_event(host, app_path, key) |
32 local function get_http_event(host, app_path, key) |
32 local method, path = key:match("^(%S+)%s+(.+)$"); |
33 local method, path = key:match("^(%S+)%s+(.+)$"); |
33 if not method then -- No path specified, default to "" (base path) |
34 if not method then -- No path specified, default to "" (base path) |
87 end |
88 end |
88 module:log("warn", "No http ports enabled, can't generate an external URL"); |
89 module:log("warn", "No http ports enabled, can't generate an external URL"); |
89 return "http://disabled.invalid/"; |
90 return "http://disabled.invalid/"; |
90 end |
91 end |
91 |
92 |
92 local function apply_cors_headers(response, methods, headers, max_age, origin) |
93 local function apply_cors_headers(response, methods, headers, max_age, allow_credentials, origin) |
93 response.headers.access_control_allow_methods = tostring(methods); |
94 response.headers.access_control_allow_methods = tostring(methods); |
94 response.headers.access_control_allow_headers = tostring(headers); |
95 response.headers.access_control_allow_headers = tostring(headers); |
95 response.headers.access_control_max_age = tostring(max_age) |
96 response.headers.access_control_max_age = tostring(max_age) |
96 response.headers.access_control_allow_origin = origin or "*"; |
97 response.headers.access_control_allow_origin = origin or "*"; |
|
98 if allow_credentials then |
|
99 response.headers.access_control_allow_credentials = "true"; |
|
100 end |
97 end |
101 end |
98 |
102 |
99 function module.add_host(module) |
103 function module.add_host(module) |
100 local host = module.host; |
104 local host = module.host; |
101 if host ~= "*" then |
105 if host ~= "*" then |
117 |
121 |
118 local app_methods = opt_methods; |
122 local app_methods = opt_methods; |
119 |
123 |
120 local function cors_handler(event_data) |
124 local function cors_handler(event_data) |
121 local request, response = event_data.request, event_data.response; |
125 local request, response = event_data.request, event_data.response; |
122 apply_cors_headers(response, app_methods, opt_headers, opt_max_age, request.headers.origin); |
126 apply_cors_headers(response, app_methods, opt_headers, opt_max_age, opt_credentials, request.headers.origin); |
123 end |
127 end |
124 |
128 |
125 local function options_handler(event_data) |
129 local function options_handler(event_data) |
126 cors_handler(event_data); |
130 cors_handler(event_data); |
127 return ""; |
131 return ""; |