/// <summary>
/// on action executing...
/// </summary>
/// <param name="filterContext"></param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (HasOrigin(filterContext))
{
var corsPolicy = _policy ?? InternalCorsPolicyManager.GetPolicy(_policyName) ?? InternalCorsPolicyManager.GetDefaultPolicy();
var context = filterContext.RequestContext.HttpContext;
if (corsPolicy != null &&
(!CorsCoreHelper.DoesPolicyContainsMatchingRule(corsPolicy) ||
(CorsCoreHelper.DoesPolicyContainsMatchingRule(corsPolicy) && CorsCoreHelper.IsMatchedIgnoreRule(context, corsPolicy))))
{
var corsResult = CorsCoreHelper.EvaluatePolicy(context, corsPolicy);
CorsCoreHelper.ApplyResult(corsResult, context.Response);
var accessControlRequestMethod = context.Request.Headers[CorsConstants.AccessControlRequestMethod];
if (string.Equals(context.Request.HttpMethod, CorsConstants.PreflightHttpMethod, StringComparison.OrdinalIgnoreCase) &&
!string.IsNullOrEmpty(accessControlRequestMethod))
{
context.Response.StatusCode = new HttpStatusCodeResult(HttpStatusCode.NoContent).StatusCode;
return;
}
}
}
base.OnActionExecuting(filterContext);
}
public static void WithCors(this NancyContext context, string policyName)
{
var policy = InternalCorsPolicyManager.GetPolicy(policyName) ??
InternalCorsPolicyManager.GetDefaultPolicy();
WithCors(context, policy);
}
/// <summary>
/// Use cors module
/// </summary>
/// <param name="pipelines"></param>
/// <param name="optionsAction"></param>
/// <returns></returns>
public static IPipelines UseCors(this IPipelines pipelines, Action <CorsOptions> optionsAction)
{
if (pipelines == null)
{
throw new ArgumentNullException(nameof(pipelines));
}
var options = new CorsOptions();
optionsAction?.Invoke(options);
InternalCorsPolicyManager.SetPolicyMap(options);
pipelines.AfterRequest.AddItemToEndOfPipeline(ctx =>
{
if (InternalCorsPolicyManager.EnableGlobalCors /*&& HasOrigin(ctx)*/)
{
var corsPolicy =
InternalCorsPolicyManager.GetPolicy(InternalCorsPolicyManager.GlobalCorsPolicyName) ??
InternalCorsPolicyManager.GetDefaultPolicy();
if (corsPolicy != null &&
(!CorsCoreHelper.DoesPolicyContainsMatchingRule(corsPolicy) ||
(CorsCoreHelper.DoesPolicyContainsMatchingRule(corsPolicy) && CorsCoreHelper.IsMatchedIgnoreRule(ctx, corsPolicy))))
{
var corsResult = CorsCoreHelper.EvaluatePolicy(ctx, corsPolicy);
CorsCoreHelper.ApplyResult(corsResult, ctx.Response);
var accessControlRequestMethod = ctx.Request.Headers[CorsConstants.AccessControlRequestMethod]?.FirstOrDefault();
if (string.Equals(ctx.Request.Method, CorsConstants.PreflightHttpMethod, StringComparison.OrdinalIgnoreCase) &&
!string.IsNullOrEmpty(accessControlRequestMethod))
{
ctx.Response.StatusCode = HttpStatusCode.NoContent;
}
}
}
//return null;
});
return(pipelines);
}
public static void WithCors(this NancyContext context)
{
WithCors(context, InternalCorsPolicyManager.GetDefaultPolicy());
}
