prosody: changeset 12795:4f69423603f2

--- a/plugins/mod_http.lua	Mon Oct 24 15:25:12 2022 +0200
+++ b/plugins/mod_http.lua	Mon Oct 31 14:32:26 2022 +0000
@@ -37,6 +37,7 @@
 local opt_origins = module:get_option_set("access_control_allow_origins");
 local opt_credentials = module:get_option_boolean("access_control_allow_credentials", false);
 local opt_max_age = module:get_option_number("access_control_max_age", 2 * 60 * 60);
+local opt_default_cors = module:get_option_boolean("http_default_cors_enabled", true);
 
 local function get_http_event(host, app_path, key)
 	local method, path = key:match("^(%S+)%s+(.+)$");
@@ -183,7 +184,11 @@
 						app_origins = set.new(cors.origins)._items;
 					end
 				end
+			elseif cors.enabled == false then
+				cors = nil;
 			end
+		else
+			cors = opt_default_cors;
 		end
 
 		local streaming = event.item.streaming_uploads;
@@ -228,12 +233,14 @@
 				if not app_handlers[event_name] then
 					app_handlers[event_name] = {
 						main = handler;
-						cors = cors_handler;
-						options = options_handler;
+						cors = cors and cors_handler;
+						options = cors and options_handler;
 					};
 					module:hook_object_event(server, event_name, handler);
-					module:hook_object_event(server, event_name, cors_handler, 1);
-					module:hook_object_event(server, options_event_name, options_handler, -1);
+					if cors then
+						module:hook_object_event(server, event_name, cors_handler, 1);
+						module:hook_object_event(server, options_event_name, options_handler, -1);
+					end
 				else
 					module:log("warn", "App %s added handler twice for '%s', ignoring", app_name, event_name);
 				end

author	Matthew Wild <mwild1@gmail.com>
	Mon, 31 Oct 2022 14:32:26 +0000
changeset 12795	4f69423603f2
parent 12793	517b5702c5a1 (current diff)
parent 12794	24b55f0e2db9 (diff)
child 12797	d63190a7a714