public void Register(IAppHost appHost)
{
if (appHost.HasMultiplePlugins <CorsFeature>())
{
throw new NotSupportedException("CorsFeature has already been registered");
}
if (!string.IsNullOrEmpty(allowedOrigins) && allowOriginWhitelist == null)
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowOrigin, allowedOrigins);
}
if (!string.IsNullOrEmpty(allowedMethods))
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowMethods, allowedMethods);
}
if (!string.IsNullOrEmpty(allowedHeaders))
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowHeaders, allowedHeaders);
}
if (allowCredentials)
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowCredentials, "true");
}
Action <IRequest, IResponse> allowOriginFilter = null;
if (allowOriginWhitelist != null)
{
allowOriginFilter = (httpReq, httpRes) => {
var origin = httpReq.Headers.Get("Origin");
if (allowOriginWhitelist.Contains(origin))
{
httpRes.AddHeader(HttpHeaders.AllowOrigin, origin);
}
};
appHost.PreRequestFilters.Add(allowOriginFilter);
}
if (AutoHandleOptionsRequests)
{
//Handles Request and closes Response after emitting global HTTP Headers
var emitGlobalHeadersHandler = new CustomActionHandler(
(httpReq, httpRes) => {
if (allowOriginFilter != null)
{
allowOriginFilter(httpReq, httpRes);
}
httpRes.EndRequest();
});
appHost.RawHttpHandlers.Add(httpReq =>
httpReq.HttpMethod == HttpMethods.Options
? emitGlobalHeadersHandler
: null);
}
}
public void Register(IAppHost appHost)
{
if (appHost.HasMultiplePlugins<CorsFeature>())
throw new NotSupportedException("CorsFeature has already been registered");
if (!string.IsNullOrEmpty(allowedOrigins) && allowOriginWhitelist == null)
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowOrigin, allowedOrigins);
if (!string.IsNullOrEmpty(allowedMethods))
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowMethods, allowedMethods);
if (!string.IsNullOrEmpty(allowedHeaders))
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowHeaders, allowedHeaders);
if (allowCredentials)
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowCredentials, "true");
if (exposeHeaders != null)
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.ExposeHeaders, exposeHeaders);
if (maxAge != null)
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AccessControlMaxAge, maxAge.Value.ToString());
Action<IRequest, IResponse> allowOriginFilter = null;
if (allowOriginWhitelist != null)
{
allowOriginFilter = (httpReq, httpRes) =>
{
var origin = httpReq.Headers.Get(HttpHeaders.Origin);
if (allowOriginWhitelist.Contains(origin))
{
httpRes.AddHeader(HttpHeaders.AllowOrigin, origin);
}
};
appHost.PreRequestFilters.Add(allowOriginFilter);
}
if (AutoHandleOptionsRequests)
{
//Handles Request and closes Response after emitting global HTTP Headers
var emitGlobalHeadersHandler = new CustomActionHandler(
(httpReq, httpRes) =>
{
httpRes.EndRequest(); //PreRequestFilters already written in CustomActionHandler
});
appHost.RawHttpHandlers.Add(httpReq =>
httpReq.HttpMethod == HttpMethods.Options
? emitGlobalHeadersHandler
: null);
}
}
public void Register(IAppHost appHost)
{
if (appHost.HasMultiplePlugins<CorsFeature>())
throw new NotSupportedException("CorsFeature has already been registered");
if (!string.IsNullOrEmpty(allowedOrigins) && allowOriginWhitelist == null)
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowOrigin, allowedOrigins);
if (!string.IsNullOrEmpty(allowedMethods))
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowMethods, allowedMethods);
if (!string.IsNullOrEmpty(allowedHeaders))
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowHeaders, allowedHeaders);
if (allowCredentials)
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowCredentials, "true");
if (allowOriginWhitelist != null)
{
appHost.GlobalRequestFilters.Add((httpReq, httpRes, requestDto) =>
{
var origin = httpReq.Headers.Get("Origin");
if (allowOriginWhitelist.Contains(origin))
{
httpRes.AddHeader(HttpHeaders.AllowOrigin, origin);
}
});
}
if (AutoHandleOptionRequests)
{
var emitGlobalHeadersHandler = new CustomActionHandler((httpReq, httpRes) =>
{
//Handles Request and closes Responses after emitting global HTTP Headers
if (httpReq.HttpMethod == HttpMethods.Options)
httpRes.EndRequest();
});
appHost.RawHttpHandlers.Add(httpReq =>
httpReq.HttpMethod == HttpMethods.Options
? emitGlobalHeadersHandler
: null);
}
}
public void Register(IAppHost appHost)
{
if (appHost.HasMultiplePlugins <CorsFeature>())
{
throw new NotSupportedException("CorsFeature has already been registered");
}
if (!string.IsNullOrEmpty(allowedOrigins) && allowOriginWhitelist == null)
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowOrigin, allowedOrigins);
}
if (!string.IsNullOrEmpty(allowedMethods))
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowMethods, allowedMethods);
}
if (!string.IsNullOrEmpty(allowedHeaders))
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowHeaders, allowedHeaders);
}
if (allowCredentials)
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AllowCredentials, "true");
}
if (exposeHeaders != null)
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.ExposeHeaders, exposeHeaders);
}
if (maxAge != null)
{
appHost.Config.GlobalResponseHeaders.Add(HttpHeaders.AccessControlMaxAge, maxAge.Value.ToString());
}
if (allowOriginWhitelist != null)
{
void allowOriginFilter(IRequest httpReq, IResponse httpRes)
{
var origin = httpReq.Headers.Get(HttpHeaders.Origin);
if (allowOriginWhitelist.Contains(origin))
{
httpRes.AddHeader(HttpHeaders.AllowOrigin, origin);
}
}
appHost.PreRequestFilters.Add(allowOriginFilter);
}
if (AutoHandleOptionsRequests)
{
//Handles Request and closes Response after emitting global HTTP Headers
var emitGlobalHeadersHandler = new CustomActionHandler(
(httpReq, httpRes) =>
{
httpRes.EndRequest(); //PreRequestFilters already written in CustomActionHandler
});
appHost.RawHttpHandlers.Add(httpReq =>
httpReq.HttpMethod == HttpMethods.Options
? emitGlobalHeadersHandler
: null);
}
appHost.GetPlugin <MetadataFeature>()
?.AddLink(MetadataFeature.AvailableFeatures, "http://docs.servicestack.net/corsfeature", "CORS Feature");
}