public void Register(IAppHost appHost)
        {
            if (appHost.HasMultiplePlugins <CorsFeature>())
            {
                throw new NotSupportedException("CorsFeature has already been registered");
            }

            if (!string.IsNullOrEmpty(allowedOrigins) && allowOriginWhitelist == null)
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowOrigin, allowedOrigins);
            }
            if (!string.IsNullOrEmpty(allowedMethods))
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowMethods, allowedMethods);
            }
            if (!string.IsNullOrEmpty(allowedHeaders))
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowHeaders, allowedHeaders);
            }
            if (allowCredentials)
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowCredentials, "true");
            }

            Action <IRequest, IResponse> allowOriginFilter = null;

            if (allowOriginWhitelist != null)
            {
                allowOriginFilter = (httpReq, httpRes) => {
                    var origin = httpReq.Headers.Get("Origin");
                    if (allowOriginWhitelist.Contains(origin))
                    {
                        httpRes.AddHeader(HttpHeaders.AllowOrigin, origin);
                    }
                };

                appHost.PreRequestFilters.Add(allowOriginFilter);
            }

            if (AutoHandleOptionsRequests)
            {
                //Handles Request and closes Response after emitting global HTTP Headers
                var emitGlobalHeadersHandler = new CustomActionHandler(
                    (httpReq, httpRes) => {
                    if (allowOriginFilter != null)
                    {
                        allowOriginFilter(httpReq, httpRes);
                    }
                    httpRes.EndRequest();
                });

                appHost.RawHttpHandlers.Add(httpReq =>
                                            httpReq.HttpMethod == HttpMethods.Options
                        ? emitGlobalHeadersHandler
                        : null);
            }
        }
Beispiel #2
0
        public void Register(IAppHost appHost)
        {
            if (appHost.HasMultiplePlugins<CorsFeature>())
                throw new NotSupportedException("CorsFeature has already been registered");

            if (!string.IsNullOrEmpty(allowedOrigins) && allowOriginWhitelist == null)
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowOrigin, allowedOrigins);
            if (!string.IsNullOrEmpty(allowedMethods))
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowMethods, allowedMethods);
            if (!string.IsNullOrEmpty(allowedHeaders))
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowHeaders, allowedHeaders);
            if (allowCredentials)
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowCredentials, "true");
            if (exposeHeaders != null)
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.ExposeHeaders, exposeHeaders);
            if (maxAge != null)
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AccessControlMaxAge, maxAge.Value.ToString());

            Action<IRequest, IResponse> allowOriginFilter = null;

            if (allowOriginWhitelist != null)
            {
                allowOriginFilter = (httpReq, httpRes) =>
                {
                    var origin = httpReq.Headers.Get(HttpHeaders.Origin);
                    if (allowOriginWhitelist.Contains(origin))
                    {
                        httpRes.AddHeader(HttpHeaders.AllowOrigin, origin);
                    }
                };

                appHost.PreRequestFilters.Add(allowOriginFilter);
            }

            if (AutoHandleOptionsRequests)
            {
                //Handles Request and closes Response after emitting global HTTP Headers
                var emitGlobalHeadersHandler = new CustomActionHandler(
                    (httpReq, httpRes) =>
                    {
                        httpRes.EndRequest(); //PreRequestFilters already written in CustomActionHandler
                    });

                appHost.RawHttpHandlers.Add(httpReq =>
                    httpReq.HttpMethod == HttpMethods.Options
                        ? emitGlobalHeadersHandler
                        : null);
            }
        }
Beispiel #3
0
        public void Register(IAppHost appHost)
        {
            if (appHost.HasMultiplePlugins<CorsFeature>())
                throw new NotSupportedException("CorsFeature has already been registered");

            if (!string.IsNullOrEmpty(allowedOrigins) && allowOriginWhitelist == null)
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowOrigin, allowedOrigins);
            if (!string.IsNullOrEmpty(allowedMethods))
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowMethods, allowedMethods);
            if (!string.IsNullOrEmpty(allowedHeaders))
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowHeaders, allowedHeaders);
            if (allowCredentials)
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowCredentials, "true");

            if (allowOriginWhitelist != null)
            {
                appHost.GlobalRequestFilters.Add((httpReq, httpRes, requestDto) =>
                {
                    var origin = httpReq.Headers.Get("Origin");
                    if (allowOriginWhitelist.Contains(origin))
                    {
                        httpRes.AddHeader(HttpHeaders.AllowOrigin, origin);
                    }
                });
            }

            if (AutoHandleOptionRequests)
            {
                var emitGlobalHeadersHandler = new CustomActionHandler((httpReq, httpRes) => 
                {
                    //Handles Request and closes Responses after emitting global HTTP Headers
                    if (httpReq.HttpMethod == HttpMethods.Options)
                        httpRes.EndRequest();                            
                });

                appHost.RawHttpHandlers.Add(httpReq =>
                    httpReq.HttpMethod == HttpMethods.Options
                        ? emitGlobalHeadersHandler
                        : null);                
            }
        }
Beispiel #4
0
        public void Register(IAppHost appHost)
        {
            if (appHost.HasMultiplePlugins <CorsFeature>())
            {
                throw new NotSupportedException("CorsFeature has already been registered");
            }

            if (!string.IsNullOrEmpty(allowedOrigins) && allowOriginWhitelist == null)
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowOrigin, allowedOrigins);
            }
            if (!string.IsNullOrEmpty(allowedMethods))
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowMethods, allowedMethods);
            }
            if (!string.IsNullOrEmpty(allowedHeaders))
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowHeaders, allowedHeaders);
            }
            if (allowCredentials)
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowCredentials, "true");
            }
            if (exposeHeaders != null)
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.ExposeHeaders, exposeHeaders);
            }
            if (maxAge != null)
            {
                appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AccessControlMaxAge, maxAge.Value.ToString());
            }

            if (allowOriginWhitelist != null)
            {
                void allowOriginFilter(IRequest httpReq, IResponse httpRes)
                {
                    var origin = httpReq.Headers.Get(HttpHeaders.Origin);

                    if (allowOriginWhitelist.Contains(origin))
                    {
                        httpRes.AddHeader(HttpHeaders.AllowOrigin, origin);
                    }
                }

                appHost.PreRequestFilters.Add(allowOriginFilter);
            }

            if (AutoHandleOptionsRequests)
            {
                //Handles Request and closes Response after emitting global HTTP Headers
                var emitGlobalHeadersHandler = new CustomActionHandler(
                    (httpReq, httpRes) =>
                {
                    httpRes.EndRequest();     //PreRequestFilters already written in CustomActionHandler
                });

                appHost.RawHttpHandlers.Add(httpReq =>
                                            httpReq.HttpMethod == HttpMethods.Options
                        ? emitGlobalHeadersHandler
                        : null);
            }

            appHost.GetPlugin <MetadataFeature>()
            ?.AddLink(MetadataFeature.AvailableFeatures, "http://docs.servicestack.net/corsfeature", "CORS Feature");
        }