add minimal CORS support
authorHenry Story <henry.story@bblfish.net>
Tue, 26 Jun 2012 19:13:46 +0200
changeset 233 02eb38a29272
parent 232 a25e35961998
child 234 cff4d0159b26
add minimal CORS support
src/main/scala/ReadWriteWeb.scala
src/main/scala/util/AccessControlAllowOrigin.scala
--- a/src/main/scala/ReadWriteWeb.scala	Mon Jun 25 10:24:52 2012 +0200
+++ b/src/main/scala/ReadWriteWeb.scala	Tue Jun 26 19:13:46 2012 +0200
@@ -1,5 +1,6 @@
 package org.w3.readwriteweb
 
+import _root_.util.AccessControlAllowAll
 import auth.{AuthZ, NullAuthZ}
 import netty.ResponseBin
 import org.w3.readwriteweb.util._
@@ -110,7 +111,7 @@
                   case GET(_) => Ok ~> ViaSPARQL ~> ContentType(lang.contentType) ~> ResponseModel(model, uri, lang)
                   case HEAD(_) => Ok ~> ViaSPARQL ~> ContentType(lang.contentType)
                 }
-                res ~> ContentLocation( uri.toString ) // without this netty (perhaps jetty too?) sends very weird headers, breaking tests
+                res ~> AccessControlAllowAll ~> ContentLocation( uri.toString ) // without this netty (perhaps jetty too?) sends very weird headers, breaking tests
               }
             case PUT(_) if representation.isInstanceOf[ImageRepr] => {
               for (_ <- r.putStream(Body.stream(req)) failMap { t=> InternalServerError ~> ResponseString(t.getStackTraceString)})
@@ -206,6 +207,9 @@
               for { _ <- r.delete failMap { t => NotFound ~> ResponseString("Error found"+t.toString)}
               } yield NoContent
             }
+//            case OPTIONS(_) => {
+              //todo
+//            }
             case _ => MethodNotAllowed ~> Allow("GET", "PUT", "POST")
           }
           res
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/main/scala/util/AccessControlAllowOrigin.scala	Tue Jun 26 19:13:46 2012 +0200
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2012 Henry Story (bblfish.net)
+ * under the MIT licence defined at
+ *    http://www.opensource.org/licenses/mit-license.html
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in the
+ * Software without restriction, including without limitation the rights to use, copy,
+ * modify, merge, publish, distribute, sublicense, and/or sell copies of the Software,
+ * and to permit persons to whom the Software is furnished to do so, subject to the
+ * following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+ * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+package util
+
+import unfiltered.response.ResponseHeader
+
+/**
+ * Enable Cors http://www.w3.org/TR/cors/
+ */
+
+class AccessControlAllowOrigin(host: String) extends ResponseHeader("Access-Control-Allow-Origin", List(host))
+
+object AccessControlAllowAll extends AccessControlAllowOrigin("*")
\ No newline at end of file