Return-Path: X-Original-To: apmail-couchdb-commits-archive@www.apache.org Delivered-To: apmail-couchdb-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2B24A104EA for ; Thu, 7 Nov 2013 19:41:15 +0000 (UTC) Received: (qmail 57762 invoked by uid 500); 7 Nov 2013 19:41:15 -0000 Delivered-To: apmail-couchdb-commits-archive@couchdb.apache.org Received: (qmail 57725 invoked by uid 500); 7 Nov 2013 19:41:15 -0000 Mailing-List: contact commits-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list commits@couchdb.apache.org Received: (qmail 57718 invoked by uid 99); 7 Nov 2013 19:41:15 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Nov 2013 19:41:15 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id CF5AD31D60B; Thu, 7 Nov 2013 19:41:14 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: chewbranca@apache.org To: commits@couchdb.apache.org Message-Id: <7188712669d9405ba57fe72ae9dbc132@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: git commit: updated refs/heads/1922-cors-reduce-headers to ef79a7c Date: Thu, 7 Nov 2013 19:41:14 +0000 (UTC) Updated Branches: refs/heads/1922-cors-reduce-headers a9486d266 -> ef79a7c8b (forced update) COUCHDB-1922: fix CORS exposed headers Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/ef79a7c8 Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/ef79a7c8 Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/ef79a7c8 Branch: refs/heads/1922-cors-reduce-headers Commit: ef79a7c8b77c28d3ed1178803636b11de0e0aec6 Parents: 6ee2e72 Author: Russell Branca Authored: Thu Nov 7 11:34:58 2013 -0800 Committer: Russell Branca Committed: Thu Nov 7 11:40:55 2013 -0800 ---------------------------------------------------------------------- src/couchdb/couch_httpd_cors.erl | 8 +++++--- test/etap/231-cors.t | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/ef79a7c8/src/couchdb/couch_httpd_cors.erl ---------------------------------------------------------------------- diff --git a/src/couchdb/couch_httpd_cors.erl b/src/couchdb/couch_httpd_cors.erl index 91fe1ae..d9462d1 100644 --- a/src/couchdb/couch_httpd_cors.erl +++ b/src/couchdb/couch_httpd_cors.erl @@ -35,6 +35,8 @@ % as defined in http://www.w3.org/TR/cors/#terminology -define(SIMPLE_HEADERS, ["Cache-Control", "Content-Language", "Content-Type", "Expires", "Last-Modified", "Pragma"]). +-define(ALLOWED_HEADERS, lists:sort(["Server", "Etag", + "Accept-Ranges" | ?SIMPLE_HEADERS])). -define(SIMPLE_CONTENT_TYPE_VALUES, ["application/x-www-form-urlencoded", "multipart/form-data", "text/plain"]). 
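Review bot: Keeping "Server" in `?ALLOWED_HEADERS` means the server banner stays readable by scripts from every origin the CORS configuration admits, which deserves an explicit decision because that header commonly carries product and version strings; what CouchDB puts in it is not visible in this hunk. The macro also has no comment, and its name is easy to confuse with Access-Control-Allow-Headers although the next hunk uses it to build the exposed-header list. I would add `% response headers that may be listed in Access-Control-Expose-Headers` above it and consider a name such as `?EXPOSABLE_HEADERS`. Since the macro expands to a `lists:sort/1` call at every use site, writing the literal list already sorted would avoid re-sorting on each call.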
@@ -212,7 +214,7 @@ maybe_apply_cors_headers(CorsHeaders, RequestHeaders0) -> % return: RequestHeaders ++ CorsHeaders ++ ACEH RequestHeaders = [K || {K,_V} <- RequestHeaders0], - ExposedHeaders0 = reduce_headers(RequestHeaders, ?SIMPLE_HEADERS), + ExposedHeaders0 = reduce_headers(RequestHeaders, ?ALLOWED_HEADERS), % here we may have not moved Content-Type into ExposedHeaders, % now we need to check whether the Content-Type valus is @@ -242,10 +244,10 @@ reduce_headers(A, B) -> reduce_headers0(A, B, []). reduce_headers0([], _B, Result) -> - Result; + lists:sort(Result); reduce_headers0([ElmA|RestA], B, Result) -> R = case member_nocase(ElmA, B) of - true -> Result; + false -> Result; _Else -> [ElmA | Result] end, reduce_headers0(RestA, B, R). http://git-wip-us.apache.org/repos/asf/couchdb/blob/ef79a7c8/test/etap/231-cors.t ---------------------------------------------------------------------- diff --git a/test/etap/231-cors.t b/test/etap/231-cors.t index ce52747..ec17526 100644 --- a/test/etap/231-cors.t +++ b/test/etap/231-cors.t @@ -219,7 +219,7 @@ test_db_request(VHost) -> "http://example.com", "db Access-Control-Allow-Origin ok"), etap:is(proplists:get_value("Access-Control-Expose-Headers", RespHeaders), - "Content-Type, Server", + "Cache-Control, Content-Type, Server", "db Access-Control-Expose-Headers ok"); _ -> etap:is(false, true, "ibrowse failed")
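Review bot: The comment kept just below the changed line ("here we may have not moved Content-Type into ExposedHeaders") no longer matches the code. Content-Type reaches `?ALLOWED_HEADERS` through `?SIMPLE_HEADERS`, so it is now kept whenever it is present in `RequestHeaders0`. The Content-Type handling continues outside the hunk, so I cannot see whether it still adds the header conditionally; please confirm it cannot list Content-Type twice. The comment could then be reworded, for example `% Content-Type is already in ExposedHeaders0 when present`.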
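Review bot: `reduce_headers0/3` now returns the elements of A that are found in B, the opposite of what it returned before, but neither it nor `reduce_headers/2` carries a comment saying so, and `false -> Result; _Else -> [ElmA | Result]` reads as a double negative. I would add `% returns the sorted elements of A that match an entry of B, ignoring case` and write the branches as `true -> [ElmA | Result]; false -> Result`, assuming `member_nocase/2` (defined outside the hunk) returns a boolean. `lists:sort(Result)` keeps duplicates, so a header name that occurs twice in A would be listed twice; `lists:usort(Result)` drops exact repeats.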
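Review bot: The updated expectation exercises only a database request, so the "Etag" and "Accept-Ranges" entries added to the allow list are not asserted in this hunk. One more `etap:is/3` on a response that carries an ETag would pin those entries and show that the sorted output stays stable when more headers match. The test function starts and ends outside the hunk, so such a case may already exist elsewhere in the file.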