private void MapHeaders(Response response, IHeaderDictionary responseHeaders) { foreach (var header in response.Headers) { responseHeaders.AppendCommaSeparatedValues(header.Key, header.Value.ToArray()); } }
public void AppendComaSeperatedValues_QuotesJoinsAppends() { IHeaderDictionary headers = CreateHeaders(CustomHeaderRawValues); headers.AppendCommaSeparatedValues(CustomHeaderKey, "vA, vB", "vC"); IList <string> values = headers.GetValues(CustomHeaderKey); Assert.Equal(new[] { CustomHeaderJoinedValues + ",\"vA, vB\",vC" }, values); }
private static void DecodeHeaders(IHeaderDictionary headers, TextReader textReader) { string line; while (!string.IsNullOrEmpty(line = textReader.ReadLine())) { var keyEnd = line.IndexOf(": "); var key = line.Substring(0, keyEnd); var values = line.Substring(keyEnd + 2, line.Length - 2 - keyEnd); if (values[0] == '"') { headers.AppendCommaSeparatedValues(key, values); } else { headers.Add(key, values); } } }
public override void Handle(HttpContext context, CancellationToken cancel) { HttpRequest request = context.Request; IHeaderDictionary headers = request.Headers; if (headers.ContainsKey(CorsConstants.Origin)) { HttpResponse response = context.Response; IHeaderDictionary responseHeaders = response.Headers; string origin = headers[CorsConstants.Origin]; List <string> writeHeaders; if (string.Equals(request.Method, CorsConstants.PreflightHttpMethod, StringComparison.OrdinalIgnoreCase) && !headers.IsNullOrEmpty(CorsConstants.AccessControlRequestMethod)) { //preflight if (!(StringValues.IsNullOrEmpty(origin) || !this.options.AllowAnyOrigin && !this.options.Origins.Contains(origin))) { string accessControlRequestMethod = headers[CorsConstants.AccessControlRequestMethod]; if (!this.options.AllowAnyVerb) { bool found = false; foreach (HttpVerbs curVerb in this.options.Verbs) { if (curVerb.ToString().Equals(accessControlRequestMethod, StringComparison.OrdinalIgnoreCase)) { found = true; break; } } if (found) { string[] accessControlRequestHeaders = headers.GetCommaSeparatedValues(CorsConstants.AccessControlRequestHeaders); if (!(!this.options.AllowAnyRequestHeader && accessControlRequestHeaders != null && !AllRequestHeadersGood(accessControlRequestHeaders))) { AddOrigin(origin, response); if (!IsSimpleVerb(accessControlRequestMethod)) //we know there's only one that was in the request { responseHeaders.AppendCommaSeparatedValues(CorsConstants.AccessControlAllowMethods, accessControlRequestMethod); } writeHeaders = GetNonSimpleRequestHeaders(accessControlRequestHeaders); if (writeHeaders.Count > 0) { responseHeaders.AppendCommaSeparatedValues(CorsConstants.AccessControlAllowHeaders, writeHeaders.ToArray()); } if (this.options.PreflightMaxAge.HasValue) { responseHeaders[CorsConstants.AccessControlMaxAge] = this.options.PreflightMaxAge.Value.TotalSeconds.ToString(CultureInfo.InvariantCulture); } } } } } context.Response.StatusCode = HttpStatusCodes.Status204NoContent; return; //this was a preflight, so we don't forward to the actual handler and just send back the CORS info } else { //real deal if (!(StringValues.IsNullOrEmpty(origin) || !options.AllowAnyOrigin && !options.Origins.Contains(origin))) { AddOrigin(origin, response); writeHeaders = GetNonSimpleResponseHeaders(this.options.ResponseHeaders); if (writeHeaders.Count > 0) { responseHeaders.AppendCommaSeparatedValues(CorsConstants.AccessControlExposeHeaders, writeHeaders.ToArray()); } } } } //after doing the CORS thing, and it's not a preflight, finish by letting the real work happen if (this.Next != null) { this.Next.Handle(context); } }