Software /
code /
prosody-modules
Diff
mod_http_upload/mod_http_upload.lua @ 3376:972832108c78
mod_http_upload: Add CORS headers for web clients (untested)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sun, 18 Nov 2018 12:06:13 +0000 |
parent | 3369:fca95f1b8870 |
child | 3377:683365d370d8 |
line wrap: on
line diff
--- a/mod_http_upload/mod_http_upload.lua Sat Nov 17 14:27:00 2018 +0000 +++ b/mod_http_upload/mod_http_upload.lua Sun Nov 18 12:06:13 2018 +0000 @@ -284,6 +284,15 @@ end }); +local function set_cross_domain_headers(response) + local headers = response.headers; + headers.access_control_allow_methods = "GET, PUT, POST, OPTIONS"; + headers.access_control_allow_headers = "Content-Type"; + headers.access_control_max_age = "7200"; + headers.access_control_allow_origin = response.request.headers.origin or "*"; + return response; +end + local function send_response_sans_body(response, body) if response.finished then return; end response.finished = true; @@ -320,6 +329,7 @@ local serve_uploaded_files = http_files.serve(storage_path); local function serve_head(event, path) + set_cross_domain_headers(event.response); event.response.send = send_response_sans_body; event.response.send_file = send_response_sans_body; return serve_uploaded_files(event, path); @@ -337,6 +347,13 @@ ["GET /*"] = serve_uploaded_files; ["HEAD /*"] = serve_head; ["PUT /*"] = upload_data; + + ["OPTIONS /*"] = function (event) + if event.request.headers.origin then + set_cross_domain_headers(event.response); + end + return ""; + end; }; });