public void ProcessRequest(HttpContext context)
{
HttpRequest request = context.Request;
HttpResponse responce = context.Response;
if (!request.Headers.AllKeys.Contains("Origin"))
{
return;
}
var requestUrl = request.Url;
var originUrl = new Uri(request.Headers["Origin"]);
if (!CrossOriginSettings.IsAllowed(requestUrl, originUrl))
{
return;
}
AddHeader("Access-Control-Allow-Origin", originUrl.GetLeftPart(UriPartial.Authority), false);
AddHeader("Access-Control-Allow-Methods", "GET");
AddHeader("Access-Control-Allow-Headers", "X-PINGOTHER, Content-Type, Origin");
AddHeader("Access-Control-Max-Age", "86400", false);
void AddHeader(string key, string value, bool AllowDuplicate = true)
{
if (!AllowDuplicate && responce.Headers.AllKeys.Contains(key))
{
responce.Headers.Remove(key);
}
responce.Headers.Add(key, value);
}
}
/// <summary>
/// HeaderをURLに応じて追加する
/// </summary>
private void AddHeaderFromURL(object sender, EventArgs e)
{
HttpRequest request = (HttpRequest)sender.GetType().GetProperty("Request").GetValue(sender);
HttpResponse responce = (HttpResponse)sender.GetType().GetProperty("Response").GetValue(sender);
if (!request.Headers.AllKeys.Contains("Origin"))
{
return;
}
var requestUrl = request.Url;
var originUrl = new Uri(request.Headers["Origin"]);
var crossorigin = CrossOriginSettings.AllowedRequestPolicy(requestUrl, originUrl);
if (crossorigin is null)
{
return;
}
AddHeader("Access-Control-Allow-Origin", originUrl.GetLeftPart(UriPartial.Authority), false);
void AddHeader(string key, string value, bool AllowDuplicate = true)
{
if (!AllowDuplicate && responce.Headers.AllKeys.Contains(key))
{
responce.Headers.Remove(key);
}
responce.Headers.Add(key, value);
}
}
