func (c *CORS) filter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
headers := resp.Headers()
origin := "*"
if !c.allowAll {
origin = req.GetHeader(_CORS_ORIGIN)
if !c.allow(origin) {
resp.StatusCode(http.StatusForbidden)
return
}
}
headers.Set(_CORS_ALLOWORIGIN, origin)
headers.Set(_CORS_ALLOWMETHODS, c.methods)
headers.Set(_CORS_ALLOWHEADERS, c.headers)
headers.Set(_CORS_ALLOWCREDENTIALS, c.allowCredentials)
if c.exposeHeaders != "" {
headers.Set(_CORS_EXPOSEHEADERS, c.exposeHeaders)
}
if c.preflightMaxage != "" {
headers.Set(_CORS_MAXAGE, c.preflightMaxage)
}
chain(req, resp)
}
func globalFilter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
status := resp.StatusCode(0)
if status == http.StatusNotFound {
resp.Headers().Set("Location", path+"/options?from="+url.QueryEscape(req.URL().Path))
resp.StatusCode(http.StatusMovedPermanently)
} else if status == http.StatusMethodNotAllowed {
io2.WriteString(resp, "The pprof interface only support GET request\n")
} else {
chain(req, resp)
}
}
func Compress(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
encoding := req.GetHeader(zerver.HEADER_ACCEPTENCODING)
respHeaders := resp.Headers()
if strings.Contains(encoding, zerver.ENCODING_GZIP) {
respHeaders.Set(zerver.HEADER_CONTENTENCODING, zerver.ENCODING_GZIP)
resp.Wrap(gzipWrapper)
} else if strings.Contains(encoding, zerver.ENCODING_DEFLATE) {
respHeaders.Set(zerver.HEADER_CONTENTENCODING, zerver.ENCODING_DEFLATE)
resp.Wrap(flateWrapper)
} else {
chain(req, resp)
return
}
chain(req, resp)
respHeaders.Del(zerver.HEADER_CONTENTLENGTH)
}
func (c *CORS) preflight(req zerver.Request, resp zerver.Response, method, headers string) {
origin := "*"
if !c.allowAll {
origin = req.GetHeader(_CORS_ORIGIN)
if !c.allow(origin) {
resp.StatusCode(http.StatusOK)
return
}
}
respHeaders := resp.Headers()
respHeaders.Set(_CORS_ALLOWORIGIN, origin)
upperMethod := strings.ToUpper(method)
for _, m := range c.Methods {
if m == upperMethod {
respHeaders.Add(_CORS_ALLOWMETHODS, method)
break
}
}
for _, h := range strings2.SplitAndTrim(headers, ",") {
for _, ch := range c.Headers {
if strings.ToLower(h) == ch { // c.Headers already ToLowered when Init
respHeaders.Add(_CORS_ALLOWHEADERS, ch)
break
}
}
}
respHeaders.Set(_CORS_ALLOWCREDENTIALS, c.allowCredentials)
if c.exposeHeaders != "" {
respHeaders.Set(_CORS_EXPOSEHEADERS, c.exposeHeaders)
}
if c.preflightMaxage != "" {
respHeaders.Set(_CORS_MAXAGE, c.preflightMaxage)
}
resp.StatusCode(http.StatusOK)
}
