Merge pull request #168 from an-tao/dev

Add some necessary headers in preflight responses for CORS
2024-12-04 04:38:14 +08:00 · 2019-06-01 07:35:21 +08:00 · 2019-06-01 07:35:21 +08:00 · 06e4ed43b9
commit 06e4ed43b9
parent 433fdafd55 335f852aab
5 changed files with 17 additions and 7 deletions
--- a/examples/simple_example/main.cc
+++ b/examples/simple_example/main.cc
@ -221,10 +221,11 @@ int main()
        // return;
        accb();
    });
-    app().registerPostHandlingAdvice(
-        [](const drogon::HttpRequestPtr &, const drogon::HttpResponsePtr &) {
-            LOG_DEBUG << "postHandling1";
-        });
+    app().registerPostHandlingAdvice([](const drogon::HttpRequestPtr &,
+                                        const drogon::HttpResponsePtr &resp) {
+        LOG_DEBUG << "postHandling1";
+        resp->addHeader("Access-Control-Allow-Origin", "*");
+    });
    app().registerPreRoutingAdvice([](const drogon::HttpRequestPtr &req) {
        LOG_DEBUG << "preRouting observer";
    });
--- a/lib/inc/drogon/HttpRequest.h
+++ b/lib/inc/drogon/HttpRequest.h
@ -174,8 +174,9 @@ class HttpRequest

    /// Get the Json object of the request
    /**
-     * The content type of the request must be 'application/json', otherwise
-     * the method returns an empty object.
+     * The content type of the request must be 'application/json', and the query
+     * string (the part after the question mark in the URI) must be empty,
+     * otherwise the method returns an empty shared_ptr object.
     */
    virtual const std::shared_ptr<Json::Value> jsonObject() const = 0;
    const std::shared_ptr<Json::Value> getJsonObject() const
--- a/lib/src/HttpControllersRouter.cc
+++ b/lib/src/HttpControllersRouter.cc
@ -514,6 +514,10 @@ void HttpControllersRouter::doPreHandlingAdvices(
        }
        methods.resize(methods.length() - 1);
        resp->addHeader("ALLOW", methods);
+        resp->addHeader("Access-Control-Allow-Origin", "*");
+        resp->addHeader("Access-Control-Allow-Methods", methods);
+        resp->addHeader("Access-Control-Allow-Headers",
+                        "x-requested-with,content-type");
        callback(resp);
        return;
    }
--- a/lib/src/HttpRequestImpl.cc
+++ b/lib/src/HttpRequestImpl.cc
@ -30,7 +30,7 @@ void HttpRequestImpl::parseParameters() const
    std::transform(type.begin(), type.end(), type.begin(), tolower);
    if (_method == Get ||
        (_method == Post &&
-         (type == "" ||
+         (type.empty() ||
          type.find("application/x-www-form-urlencoded") != std::string::npos)))
    {
        std::string::size_type pos = 0;
--- a/lib/src/HttpSimpleControllersRouter.cc
+++ b/lib/src/HttpSimpleControllersRouter.cc
@ -379,6 +379,10 @@ void HttpSimpleControllersRouter::doPreHandlingAdvices(
        }
        methods.resize(methods.length() - 1);
        resp->addHeader("ALLOW", methods);
+        resp->addHeader("Access-Control-Allow-Origin", "*");
+        resp->addHeader("Access-Control-Allow-Methods", methods);
+        resp->addHeader("Access-Control-Allow-Headers",
+                        "x-requested-with,content-type");
        callback(resp);
        return;
    }