MyFavMirrors/owntone-server
1
0
Fork 0
mirror of https://github.com/owntone/owntone-server.git synced 2025-04-16 00:58:18 -04:00
Code Issues Packages Projects Releases Wiki Activity

[httpd] Reply to CORS preflight requests

Browse Source
This commit is contained in:
ejurgensen 2016-10-18 23:04:51 +02:00
parent c44f4310b7
commit 57945a592c
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/httpd.c
View File

@ -1045,10 +1045,29 @@ serve_file(struct evhttp_request *req, char *uri)
static void static void
httpd_gen_cb(struct evhttp_request *req, void *arg) httpd_gen_cb(struct evhttp_request *req, void *arg)
{ {
struct evkeyvalq *input_headers;
struct evkeyvalq *output_headers;
const char *req_uri; const char *req_uri;
char *uri; char *uri;
char *ptr; char *ptr;
// Did we get a CORS preflight request?
input_headers = evhttp_request_get_input_headers(req);
if (allow_origin && (evhttp_request_get_command(req) == EVHTTP_REQ_OPTIONS) && evhttp_find_header(input_headers, "Origin"))
{
output_headers = evhttp_request_get_output_headers(req);
evhttp_add_header(output_headers, "Access-Control-Allow-Origin", allow_origin);
// Allow only GET method and authorization header in cross origin requests
evhttp_add_header(output_headers, "Access-Control-Allow-Method", "GET");
evhttp_add_header(output_headers, "Access-Control-Allow-Headers", "authorization");
// In this case there is no reason to go through httpd_send_reply
evhttp_send_reply(req, HTTP_OK, "OK", NULL);
return;
}
req_uri = evhttp_request_get_uri(req); req_uri = evhttp_request_get_uri(req);
if (!req_uri) if (!req_uri)
{ {