Fix cors headers

This commit is contained in:
brantje 2017-01-19 13:39:01 +01:00
parent 2a793870ac
commit d509bbd160
No known key found for this signature in database
GPG key ID: 5FF1D117F918687F
9 changed files with 70 additions and 7 deletions

View file

@ -47,7 +47,12 @@ class CredentialController extends ApiController {
SettingsService $settings
) {
parent::__construct($AppName, $request);
parent::__construct(
$AppName,
$request,
'GET, POST, DELETE, PUT, PATCH, OPTIONS',
'Authorization, Content-Type, Accept',
86400);
$this->userId = $userId;
$this->credentialService = $credentialService;
$this->activityService = $activityService;

View file

@ -24,7 +24,12 @@ class FileController extends ApiController {
IRequest $request,
$UserId,
FileService $fileService){
parent::__construct($AppName, $request);
parent::__construct(
$AppName,
$request,
'GET, POST, DELETE, PUT, PATCH, OPTIONS',
'Authorization, Content-Type, Accept',
86400);
$this->userId = $UserId;
$this->fileService = $fileService;
}

View file

@ -29,7 +29,12 @@ class InternalController extends ApiController {
CredentialService $credentialService,
IConfig $config
) {
parent::__construct($AppName, $request);
parent::__construct(
$AppName,
$request,
'GET, POST, DELETE, PUT, PATCH, OPTIONS',
'Authorization, Content-Type, Accept',
86400);
$this->userId = $UserId;
$this->credentialService = $credentialService;
$this->config = $config;

View file

@ -29,7 +29,12 @@ class SettingsController extends ApiController {
$userId,
SettingsService $settings,
IL10N $l) {
parent::__construct($AppName, $request);
parent::__construct(
$AppName,
$request,
'GET, POST, DELETE, PUT, PATCH, OPTIONS',
'Authorization, Content-Type, Accept',
86400);
$this->settings = $settings;
$this->l = $l;
$this->userId = $userId;

View file

@ -61,7 +61,12 @@ class ShareController extends ApiController {
FileService $fileService,
SettingsService $config
) {
parent::__construct($AppName, $request);
parent::__construct(
$AppName,
$request,
'GET, POST, DELETE, PUT, PATCH, OPTIONS',
'Authorization, Content-Type, Accept',
86400);
$this->userId = $UserId;
$this->userManager = $userManager;

View file

@ -23,7 +23,12 @@ class TranslationController extends ApiController {
IRequest $request,
IL10N $trans
) {
parent::__construct($AppName, $request);
parent::__construct(
$AppName,
$request,
'GET, POST, DELETE, PUT, PATCH, OPTIONS',
'Authorization, Content-Type, Accept',
86400);
$this->trans = $trans;
}

View file

@ -37,7 +37,7 @@ class VaultController extends ApiController {
parent::__construct(
$AppName,
$request,
'GET, POST, DELETE, PUT, PATCH',
'GET, POST, DELETE, PUT, PATCH, OPTIONS',
'Authorization, Content-Type, Accept',
86400);
$this->userId = $UserId;

View file

@ -29,6 +29,7 @@ use OCA\Passman\Controller\CredentialController;
use OCA\Passman\Controller\PageController;
use OCA\Passman\Controller\ShareController;
use OCA\Passman\Controller\VaultController;
use OCA\Passman\Middleware\APIMiddleware;
use OCA\Passman\Middleware\ShareMiddleware;
use OCA\Passman\Service\ActivityService;
use OCA\Passman\Service\CronService;
@ -109,6 +110,8 @@ class Application extends App {
return $c->query('ServerContainer')->getLogger();
});
$container->registerMiddleware('APIMiddleware');
// Aliases for the controllers so we can use the automatic DI
$container->registerAlias('CredentialController', CredentialController::class);
$container->registerAlias('PageController', PageController::class);
@ -124,6 +127,7 @@ class Application extends App {
$container->registerAlias('IDBConnection', IDBConnection::class);
$container->registerAlias('IConfig', IConfig::class);
$container->registerAlias('SettingsService', SettingsService::class);
$container->registerAlias('APIMiddleware', APIMiddleware::class);
}
/**

View file

@ -0,0 +1,29 @@
<?php
namespace OCA\Passman\Middleware;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\Response;
use \OCP\AppFramework\Middleware;
use OCP\IRequest;
class APIMiddleware extends Middleware {
private $request;
public function __construct(IRequest $request) {
$this->request = $request;
}
public function afterController($controller, $methodName, Response $response) {
if($response instanceof JSONResponse){
$origin = $this->request->server['HTTP_ORIGIN'];
if($origin) {
$response->addHeader('Access-Control-Allow-Origin', $origin);
}
}
return parent::afterController($controller, $methodName, $response);
}
}