couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject [8/28] git commit: simplify handling of Allow-Credentials
Date Sun, 11 Nov 2012 19:24:31 GMT
simplify handling of Allow-Credentials


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/e32b00a2
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/e32b00a2
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/e32b00a2

Branch: refs/heads/431-feature-cors
Commit: e32b00a286466838136ab41baa4f72bc04379e8e
Parents: dd59ddf
Author: Jan Lehnardt <jan@apache.org>
Authored: Thu Nov 8 22:50:07 2012 +0100
Committer: Jan Lehnardt <jan@apache.org>
Committed: Sun Nov 11 16:11:15 2012 +0000

----------------------------------------------------------------------
 src/couchdb/couch_httpd_cors.erl |   37 ++++++++++++++------------------
 1 files changed, 16 insertions(+), 21 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/e32b00a2/src/couchdb/couch_httpd_cors.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_cors.erl b/src/couchdb/couch_httpd_cors.erl
index e14917f..c3caa5c 100644
--- a/src/couchdb/couch_httpd_cors.erl
+++ b/src/couchdb/couch_httpd_cors.erl
@@ -82,14 +82,8 @@ handle_cors_headers(Origin, Host, AcceptedOrigins) ->
 
 
 make_cors_header(Origin, Host) ->
-    Credentials = credentials(Origin, Host),
-    [{"Access-Control-Allow-Origin", Origin}]
-    ++ make_cors_header_credentials(Credentials).
-
-make_cors_header_credentials(true) ->
-    [{"Access-Control-Allow-Credentials", "true"}];
-make_cors_header_credentials(false) ->
-    [].
+    Headers = [{"Access-Control-Allow-Origin", Origin}],
+    maybe_add_credentials(Origin, Host, Headers).
 
 preflight_request(MochiReq) ->
     Host = couch_httpd_vhost:host(MochiReq),
@@ -130,19 +124,11 @@ handle_preflight_request(Origin, Host, MochiReq) ->
     % get max age
     MaxAge = cors_config(Host, "max_age", ?CORS_DEFAULT_MAX_AGE),
 
-    PreflightHeaders0 = case credentials(Origin, Host) of
-    true ->
-        [{"Access-Control-Allow-Origin", Origin},
-         {"Access-Control-Allow-Credentials", "true"},
-         {"Access-Control-Max-Age", MaxAge},
-         {"Access-Control-Allow-Methods", string:join(SupportedMethods,
-                                                      ", ")}];
-    false ->
-        [{"Access-Control-Allow-Origin", Origin},
-         {"Access-Control-Max-Age", MaxAge},
-         {"Access-Control-Allow-Methods", string:join(SupportedMethods,
-                                                      ", ")}]
-    end,
+    PreflightHeaders0 = maybe_add_credentials(Origin, Host, [
+        {"Access-Control-Allow-Origin", Origin},
+        {"Access-Control-Max-Age", MaxAge},
+        {"Access-Control-Allow-Methods",
+            string:join(SupportedMethods, ", ")}]),
 
     case MochiReq:get_header_value("Access-Control-Request-Method") of
     undefined ->
@@ -188,6 +174,15 @@ send_preflight_response(#httpd{mochi_req=MochiReq}=Req, Headers) ->
     {ok, MochiReq:respond({204, Headers2, <<>>})}.
 
 
+maybe_add_credentials(Origin, Host, Headers) ->
+    maybe_add_credentials(Headers, credentials(Origin, Host)).
+
+maybe_add_credentials(Headers, false) ->
+    Headers;
+maybe_add_credentials(Headers, true) ->
+    Headers ++ [{"Access-Control-Allow-Credentials", "true"}].
+
+
 credentials("*", _Host) ->
     false;
 credentials(_Origin, Host) ->


Mime
View raw message