forked from TrueCloudLab/neoneo-go
rpcsrv: handle preflight OPTIONS with CORS kludge, fix #2721
This commit is contained in:
parent
48567fbc61
commit
b48d02f4a6
1 changed files with 13 additions and 2 deletions
|
@ -446,6 +446,13 @@ func (s *Server) handleHTTPRequest(w http.ResponseWriter, httpRequest *http.Requ
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if httpRequest.Method == "OPTIONS" && s.config.EnableCORSWorkaround { // Preflight CORS.
|
||||||
|
setCORSOriginHeaders(w.Header())
|
||||||
|
w.Header().Set("Access-Control-Allow-Methods", "GET, POST") // GET for websockets.
|
||||||
|
w.Header().Set("Access-Control-Max-Age", "21600") // 6 hours.
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
if httpRequest.Method != "POST" {
|
if httpRequest.Method != "POST" {
|
||||||
s.writeHTTPErrorResponse(
|
s.writeHTTPErrorResponse(
|
||||||
params.NewIn(),
|
params.NewIn(),
|
||||||
|
@ -2733,6 +2740,11 @@ func (s *Server) writeHTTPErrorResponse(r *params.In, w http.ResponseWriter, jso
|
||||||
s.writeHTTPServerResponse(¶ms.Request{In: r}, w, resp)
|
s.writeHTTPServerResponse(¶ms.Request{In: r}, w, resp)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func setCORSOriginHeaders(h http.Header) {
|
||||||
|
h.Set("Access-Control-Allow-Origin", "*")
|
||||||
|
h.Set("Access-Control-Allow-Headers", "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With")
|
||||||
|
}
|
||||||
|
|
||||||
func (s *Server) writeHTTPServerResponse(r *params.Request, w http.ResponseWriter, resp abstractResult) {
|
func (s *Server) writeHTTPServerResponse(r *params.Request, w http.ResponseWriter, resp abstractResult) {
|
||||||
// Errors can happen in many places and we can only catch ALL of them here.
|
// Errors can happen in many places and we can only catch ALL of them here.
|
||||||
resp.RunForErrors(func(jsonErr *neorpc.Error) {
|
resp.RunForErrors(func(jsonErr *neorpc.Error) {
|
||||||
|
@ -2746,8 +2758,7 @@ func (s *Server) writeHTTPServerResponse(r *params.Request, w http.ResponseWrite
|
||||||
}
|
}
|
||||||
w.Header().Set("Content-Type", "application/json; charset=utf-8")
|
w.Header().Set("Content-Type", "application/json; charset=utf-8")
|
||||||
if s.config.EnableCORSWorkaround {
|
if s.config.EnableCORSWorkaround {
|
||||||
w.Header().Set("Access-Control-Allow-Origin", "*")
|
setCORSOriginHeaders(w.Header())
|
||||||
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
encoder := json.NewEncoder(w)
|
encoder := json.NewEncoder(w)
|
||||||
|
|
Loading…
Reference in a new issue