Beispiel #1
0
func (ri *RequestId) Filter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
	if req.Method() == "GET" {
		chain(req, resp)
		return
	}

	reqId := req.Header(ri.HeaderName)
	if reqId == "" {
		if ri.PassingOnNoId {
			chain(req, resp)
		} else {
			resp.ReportBadRequest()
			resp.Send("error", ri.Error)
		}
	} else {
		id := req.RemoteIP() + ":" + reqId
		if err := ri.Store.Save(id); err == ErrRequestIDExist {
			resp.ReportForbidden()
			resp.Send("error", ri.ErrorOverlap)
		} else if err != nil {
			ri.logger.Warnln(err)
		} else {
			chain(req, resp)
			ri.Store.Remove(id)
		}
	}
}
Beispiel #2
0
func (c *CORS) filter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) {
	origin := "*"
	if !c.allowAll {
		origin = req.Header(_CORS_ORIGIN)
		if !c.allow(origin) {
			resp.ReportForbidden()
			return
		}
	}
	resp.SetHeader(_CORS_ALLOWORIGIN, origin)

	resp.SetHeader(_CORS_ALLOWMETHODS, c.methods)
	resp.SetHeader(_CORS_ALLOWHEADERS, c.headers)

	resp.SetHeader(_CORS_ALLOWCREDENTIALS, c.allowCredentials)
	if c.exposeHeaders != "" {
		resp.SetHeader(_CORS_EXPOSEHEADERS, c.exposeHeaders)
	}
	if c.preflightMaxage != "" {
		resp.SetHeader(_CORS_MAXAGE, c.preflightMaxage)
	}

	chain(req, resp)
}