func (c *CORS) filter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) { headers := resp.Headers() origin := "*" if !c.allowAll { origin = req.GetHeader(_CORS_ORIGIN) if !c.allow(origin) { resp.StatusCode(http.StatusForbidden) return } } headers.Set(_CORS_ALLOWORIGIN, origin) headers.Set(_CORS_ALLOWMETHODS, c.methods) headers.Set(_CORS_ALLOWHEADERS, c.headers) headers.Set(_CORS_ALLOWCREDENTIALS, c.allowCredentials) if c.exposeHeaders != "" { headers.Set(_CORS_EXPOSEHEADERS, c.exposeHeaders) } if c.preflightMaxage != "" { headers.Set(_CORS_MAXAGE, c.preflightMaxage) } chain(req, resp) }
func globalFilter(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) { status := resp.StatusCode(0) if status == http.StatusNotFound { resp.Headers().Set("Location", path+"/options?from="+url.QueryEscape(req.URL().Path)) resp.StatusCode(http.StatusMovedPermanently) } else if status == http.StatusMethodNotAllowed { io2.WriteString(resp, "The pprof interface only support GET request\n") } else { chain(req, resp) } }
func Compress(req zerver.Request, resp zerver.Response, chain zerver.FilterChain) { encoding := req.GetHeader(zerver.HEADER_ACCEPTENCODING) respHeaders := resp.Headers() if strings.Contains(encoding, zerver.ENCODING_GZIP) { respHeaders.Set(zerver.HEADER_CONTENTENCODING, zerver.ENCODING_GZIP) resp.Wrap(gzipWrapper) } else if strings.Contains(encoding, zerver.ENCODING_DEFLATE) { respHeaders.Set(zerver.HEADER_CONTENTENCODING, zerver.ENCODING_DEFLATE) resp.Wrap(flateWrapper) } else { chain(req, resp) return } chain(req, resp) respHeaders.Del(zerver.HEADER_CONTENTLENGTH) }
func (c *CORS) preflight(req zerver.Request, resp zerver.Response, method, headers string) { origin := "*" if !c.allowAll { origin = req.GetHeader(_CORS_ORIGIN) if !c.allow(origin) { resp.StatusCode(http.StatusOK) return } } respHeaders := resp.Headers() respHeaders.Set(_CORS_ALLOWORIGIN, origin) upperMethod := strings.ToUpper(method) for _, m := range c.Methods { if m == upperMethod { respHeaders.Add(_CORS_ALLOWMETHODS, method) break } } for _, h := range strings2.SplitAndTrim(headers, ",") { for _, ch := range c.Headers { if strings.ToLower(h) == ch { // c.Headers already ToLowered when Init respHeaders.Add(_CORS_ALLOWHEADERS, ch) break } } } respHeaders.Set(_CORS_ALLOWCREDENTIALS, c.allowCredentials) if c.exposeHeaders != "" { respHeaders.Set(_CORS_EXPOSEHEADERS, c.exposeHeaders) } if c.preflightMaxage != "" { respHeaders.Set(_CORS_MAXAGE, c.preflightMaxage) } resp.StatusCode(http.StatusOK) }