tomasz.sowa/winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

refactor the algorithm for testing the cors

Browse Source 
while here:
- send cors headers even if the status is 404
- add: access_control_expose_headers config option - list of additional headers sent in Access-Control-Expose-Headers
- add: access_control_allow_credentials config option - if true return Access-Control-Allow-Credentials header equal "true"
This commit is contained in:
Tomasz Sowa
2022-09-08 03:12:44 +02:00
parent 04164ff967
commit 222a1c8a1f
9 changed files with 245 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
winixd/core/config.h
View File

@@ -984,10 +984,23 @@ public:
bool allow_all_cors_origins;
// list of allowed origins in cors requests
// can be set per controller in a method: virtual bool FunctionBase::IsCorsOriginAvailable(const std::wstring & origin_url)
// used only if allow_all_cors_origins is false
// default: empty
std::vector<std::wstring> allowed_cors_origins;
// list of additional headers sent in Access-Control-Expose-Headers header
// can be set per controller in a method: virtual void FunctionBase::AddAccessControlExposeHeadersHeader()
// default: empty
std::vector<std::wstring> access_control_expose_headers;
// if true return Access-Control-Allow-Credentials header equal "true"
// whethert credentials (e.g. cookies, authorization headers) are available in cors requests
// can be set per controller in a method: virtual bool FunctionBase::AreCorsCredentialsAvailable()
// default: false
bool access_control_allow_credentials;
Config();
bool ReadConfig(const std::wstring & config_file);