Return-Path: 
 <commits-return-25582-apmail-couchdb-commits-archive=couchdb.apache.org@couchdb.apache.org>
X-Original-To: apmail-couchdb-commits-archive@www.apache.org
Delivered-To: apmail-couchdb-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 02F9718401
	for <apmail-couchdb-commits-archive@www.apache.org>;
 Tue,  2 Feb 2016 15:23:29 +0000 (UTC)
Received: (qmail 92829 invoked by uid 500); 2 Feb 2016 15:23:23 -0000
Delivered-To: apmail-couchdb-commits-archive@couchdb.apache.org
Received: (qmail 92672 invoked by uid 500); 2 Feb 2016 15:23:23 -0000
Mailing-List: contact commits-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@couchdb.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@couchdb.apache.org>
List-Post: <mailto:commits@couchdb.apache.org>
List-Id: <commits.couchdb.apache.org>
Reply-To: dev@couchdb.apache.org
Delivered-To: mailing list commits@couchdb.apache.org
Received: (qmail 92443 invoked by uid 99); 2 Feb 2016 15:23:23 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org)
 (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Feb 2016 15:23:23 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at
 git1-us-west.apache.org, from userid 33)
	id 93B91E00DC; Tue,  2 Feb 2016 15:23:23 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: kxepal@apache.org
To: commits@couchdb.apache.org
Date: Tue, 02 Feb 2016 15:23:26 -0000
Message-Id: <8b1e47c7269a4d20ad74be4f678f7f5f@git.apache.org>
In-Reply-To: <c16b50c30db54df284d089d839d7e37c@git.apache.org>
References: <c16b50c30db54df284d089d839d7e37c@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: [4/6] chttpd commit: updated refs/heads/master to 41ac33a

Introduce cors/exposed_headers config setting


Project: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/commit/a634e220
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/tree/a634e220
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/diff/a634e220

Branch: refs/heads/master
Commit: a634e22040a80ad597857fb896ab7eb03f3eb30d
Parents: 63af933
Author: ILYA Khlopotov <iilyak@ca.ibm.com>
Authored: Mon Jan 25 13:06:39 2016 -0800
Committer: ILYA Khlopotov <iilyak@ca.ibm.com>
Committed: Fri Jan 29 11:45:03 2016 -0800

----------------------------------------------------------------------
 src/chttpd_cors.erl | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/blob/a634e220/src/chttpd_cors.erl
----------------------------------------------------------------------
diff --git a/src/chttpd_cors.erl b/src/chttpd_cors.erl
index 81cd475..2af3166 100644
--- a/src/chttpd_cors.erl
+++ b/src/chttpd_cors.erl
@@ -180,15 +180,17 @@ headers(Req, RequestHeaders, Origin, Config) ->
         true ->
             AcceptedOrigins = get_accepted_origins(Req, Config),
             CorsHeaders = handle_headers(Config, Origin, AcceptedOrigins),
-            maybe_apply_headers(CorsHeaders, RequestHeaders);
+            ExposedCouchHeaders = couch_util:get_value(
+                <<"exposed_headers">>, Config, ?COUCH_HEADERS),
+            maybe_apply_headers(CorsHeaders, RequestHeaders, ExposedCouchHeaders);
         false ->
             RequestHeaders
     end.
 
 
-maybe_apply_headers([], RequestHeaders) ->
+maybe_apply_headers([], RequestHeaders, _ExposedCouchHeaders) ->
     RequestHeaders;
-maybe_apply_headers(CorsHeaders, RequestHeaders) ->
+maybe_apply_headers(CorsHeaders, RequestHeaders, ExposedCouchHeaders) ->
     %% Find all non ?SIMPLE_HEADERS and and non ?SIMPLE_CONTENT_TYPE_VALUES,
     %% expose those through Access-Control-Expose-Headers, allowing
     %% the client to access them in the browser. Also append in
@@ -214,9 +216,10 @@ maybe_apply_headers(CorsHeaders, RequestHeaders) ->
         true ->
             ExposedHeaders0
         end,
-    %% ?COUCH_HEADERS may get added later, so expose them by default
+
+    %% ExposedCouchHeaders may get added later, so expose them by default
     ACEH = [{"Access-Control-Expose-Headers",
-        string:join(ExposedHeaders ++ ?COUCH_HEADERS, ", ")}],
+        string:join(ExposedHeaders ++ ExposedCouchHeaders, ", ")}],
     CorsHeaders ++ RequestHeaders ++ ACEH.
 
 
@@ -284,6 +287,12 @@ get_cors_config(#httpd{cors_config = undefined}) ->
         AllowMethods0 ->
             split_list(AllowMethods0)
     end,
+    ExposedHeaders = case config:get("cors", "exposed_headers", undefined) of
+        undefined ->
+            ?COUCH_HEADERS;
+        ExposedHeaders0 ->
+            split_list(ExposedHeaders0)
+    end,
     Origins0 = binary_split_list(config:get("cors", "origins", [])),
     Origins = [{O, {[]}} || O <- Origins0],
     [
@@ -291,6 +300,7 @@ get_cors_config(#httpd{cors_config = undefined}) ->
         {<<"allow_credentials">>, AllowCredentials},
         {<<"allow_methods">>, AllowMethods},
         {<<"allow_headers">>, AllowHeaders},
+        {<<"exposed_headers">>, ExposedHeaders},
         {<<"origins">>, {Origins}}
     ];
 get_cors_config(#httpd{cors_config = Config}) ->