mirror of
https://github.com/hakanensari/frankfurter.git
synced 2024-11-22 11:02:30 +01:00
Further refactor cross-origin
- Add all [required headers](https://github.com/britg/sinatra-cross_origin/blob/master/lib/s inatra/cross_origin.rb#L51-L58) - Respond to preflight requests #18
This commit is contained in:
parent
260dc65dff
commit
59df76477e
25
lib/api.rb
25
lib/api.rb
@ -6,7 +6,17 @@ require 'yajl'
|
|||||||
require 'quote'
|
require 'quote'
|
||||||
|
|
||||||
configure do
|
configure do
|
||||||
enable :cross_origin
|
set :options_response_headers,
|
||||||
|
'Allow' => 'HEAD, GET, OPTIONS',
|
||||||
|
'Access-Control-Allow-Headers' => 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Cache-Control, Accept'
|
||||||
|
|
||||||
|
set :cors_response_headers,
|
||||||
|
'Access-Control-Allow-Credentials' => 'true',
|
||||||
|
'Access-Control-Allow-Headers' => '*, Content-Type, Accept, AUTHORIZATION, Cache-Control',
|
||||||
|
'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS',
|
||||||
|
'Access-Control-Allow-Origin' => '*',
|
||||||
|
'Access-Control-Expose-Headers' => 'Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma',
|
||||||
|
'Access-Control-Max-Age' => '1728000'
|
||||||
end
|
end
|
||||||
|
|
||||||
configure :development do
|
configure :development do
|
||||||
@ -41,22 +51,31 @@ helpers do
|
|||||||
def halt_with_message(status, message)
|
def halt_with_message(status, message)
|
||||||
halt status, Yajl::Encoder.encode(error: message)
|
halt status, Yajl::Encoder.encode(error: message)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def enable_cross_origin
|
||||||
|
headers settings.cors_response_headers
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
before do
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Preflighted_requests
|
||||||
headers 'Access-Control-Allow-Origin' => '*'
|
options '*' do
|
||||||
|
headers settings.options_response_headers
|
||||||
|
pass
|
||||||
end
|
end
|
||||||
|
|
||||||
get '/' do
|
get '/' do
|
||||||
|
enable_cross_origin
|
||||||
jsonp details: 'http://fixer.io', version: App.version
|
jsonp details: 'http://fixer.io', version: App.version
|
||||||
end
|
end
|
||||||
|
|
||||||
get '/latest' do
|
get '/latest' do
|
||||||
|
enable_cross_origin
|
||||||
last_modified quote[:date]
|
last_modified quote[:date]
|
||||||
jsonp quote
|
jsonp quote
|
||||||
end
|
end
|
||||||
|
|
||||||
get(/(?<date>\d{4}-\d{2}-\d{2})/) do
|
get(/(?<date>\d{4}-\d{2}-\d{2})/) do
|
||||||
|
enable_cross_origin
|
||||||
last_modified quote[:date]
|
last_modified quote[:date]
|
||||||
jsonp quote
|
jsonp quote
|
||||||
end
|
end
|
||||||
|
@ -56,6 +56,13 @@ describe 'the API' do
|
|||||||
%w(/ /latest /2012-11-20).each do |path|
|
%w(/ /latest /2012-11-20).each do |path|
|
||||||
get path
|
get path
|
||||||
assert_equal '*', headers['Access-Control-Allow-Origin']
|
assert_equal '*', headers['Access-Control-Allow-Origin']
|
||||||
|
refute_empty headers['Access-Control-Allow-Methods']
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'responds to preflight requests' do
|
||||||
|
options '/'
|
||||||
|
refute_empty headers['Allow']
|
||||||
|
refute_empty headers['Access-Control-Allow-Headers']
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user