Skip to content

aa.gusti / opensipkd-base

Go to a project
Commit 9a1a4971 by aa.gustiana@gmail.com
Options

Remove CORS headers handling from add_cors_headers_response_callback function

1 parent d80d8065
Inline Side-by-side
Showing 1 changed file with 21 additions and 20 deletions
opensipkd/base/__init__.py
...@@ -69,31 +69,32 @@ def has_modules(module_name, context=None): ...@@ -69,31 +69,32 @@ def has_modules(module_name, context=None):
def add_cors_headers_response_callback(event): def add_cors_headers_response_callback(event):
def cors_headers(request, response): def cors_headers(request, response):
origin = request.headers.get("Origin", None) pass
allowed_origin = get_params("allowed_origin", None) # origin = request.headers.get("Origin", None)
if allowed_origin: # allowed_origin = get_params("allowed_origin", None)
if origin not in allowed_origin.split('\n'): # if allowed_origin:
origin = "null" # if origin not in allowed_origin.split('\n'):
# origin = "null"
headers = {
'Access-Control-Allow-Methods': 'POST,GET,DELETE,PUT,OPTIONS', # headers = {
'Access-Control-Allow-Headers': 'Origin, Content-Type, Accept, Authorization', # 'Access-Control-Allow-Methods': 'POST,GET,DELETE,PUT,OPTIONS',
'Access-Control-Max-Age': '1728000', # 'Access-Control-Allow-Headers': 'Origin, Content-Type, Accept, Authorization',
} # 'Access-Control-Max-Age': '1728000',
# }
# _logging.info(f"{origin} {request.is_xhr}") # _logging.info(f"{origin} {request.is_xhr}")
# response.headers.update( # response.headers.update(
# {'Access-Control-Allow-Credential': 'true', # {'Access-Control-Allow-Credential': 'true',
# 'Access-Control-Allow-Origin': "*"} # 'Access-Control-Allow-Origin': "*"}
# ) # )
if origin: # if origin:
headers['Access-Control-Allow-Origin'] = origin # headers['Access-Control-Allow-Origin'] = origin
else: # else:
headers['Access-Control-Allow-Origin'] = "*" # headers['Access-Control-Allow-Origin'] = "*"
if 'Access-Control-Allow-Credentials' not in headers: # if 'Access-Control-Allow-Credentials' not in headers:
headers['Access-Control-Allow-Credentials'] = 'true' # headers['Access-Control-Allow-Credentials'] = 'true'
_logging.debug(f"Headers: {headers}") # _logging.debug(f"Headers: {headers}")
response.headers.update(headers) # response.headers.update(headers)
event.request.add_response_callback(cors_headers) event.request.add_response_callback(cors_headers)
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!