API tools faq
paste
Advertisement
Guest User

CORS #1

a guest
May 1st, 2014
578
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Diff 2.69 KB | None | 0 0
raw download clone embed print report
  1. !!!! The line numbers may not be accurate: I added printfs in my code but stripped them out from the diff here !!!!
  2.  
  3.  
  4. Index: libtransmission/rpc-server.c
  5. ===================================================================
  6. --- libtransmission/rpc-server.c    (revision 14216)
  7. +++ libtransmission/rpc-server.c    (working copy)
  8.  
  9. @@ -543,8 +548,42 @@
  10.    evbuffer_free (buf);
  11.    tr_free (data);
  12.  }
  13. +enum
  14. +{
  15. +  CORS_HEADERS_ALL,
  16. +  CORS_HEADERS_MINIMUM
  17. +};
  18.  
  19.  static void
  20. +handle_cors_headers (struct evhttp_request * req, struct tr_rpc_server * server, int headers)
  21. +{
  22. +  if (server->isWhitelistEnabled)
  23. +    {
  24. +      tr_list * l;
  25. +
  26. +      for (l=server->whitelist; l!=NULL; l=l->next)
  27. +        {
  28. +          char* mask = l->data;
  29. +          if (tr_wildmat (req->remote_host, mask))
  30. +            break;
  31. +        }
  32. +
  33. +      if (l != NULL)
  34. +        {
  35. +          const char * origin = evhttp_find_header (req->input_headers, "Origin");
  36. +          evhttp_add_header (req->output_headers, "Access-Control-Allow-Origin", origin);
  37. +          if (headers == CORS_HEADERS_ALL)
  38. +            {
  39. +#ifdef REQUIRE_SESSION_ID
  40. +              evhttp_add_header (req->output_headers, "Access-Control-Expose-Headers", "X-Transmission-Session-Id");
  41. +#endif
  42. +              evhttp_add_header (req->output_headers, "Access-Control-Allow-Methods", "GET,POST");
  43. +            }
  44. +        }
  45. +    }
  46. +}
  47. +
  48. +static void
  49.  handle_rpc_from_json (struct evhttp_request * req,
  50.                        struct tr_rpc_server  * server,
  51.                        const char            * json,
  52. @@ -552,6 +591,9 @@
  53.  {
  54.    struct rpc_response_data * data;
  55.  
  56. +  handle_cors_headers (req, server, CORS_HEADERS_MINIMUM);
  57. +
  58.    data = tr_new0 (struct rpc_response_data, 1);
  59.    data->req = req;
  60.    data->server = server;
  61.  
  62.  
  63. @@ -682,16 +732,19 @@
  64.              "<p><code>%s: %s</code></p>",
  65.              TR_RPC_SESSION_ID_HEADER, sessionId);
  66.            evhttp_add_header (req->output_headers, TR_RPC_SESSION_ID_HEADER, sessionId);
  67. +          handle_cors_headers (req, server, CORS_HEADERS_MINIMUM);
  68.            send_simple_response (req, 409, tmp);
  69.            tr_free (tmp);
  70.          }
  71.  
  72. @@ -705,11 +758,16 @@
  73.    tr_rpc_server * server  = vserver;
  74.    tr_address addr;
  75.  
  76.    if (!server->httpd)
  77.      {
  78.        addr.type = TR_AF_INET;
  79.        addr.addr.addr4 = server->bindAddress;
  80.        server->httpd = evhttp_new (server->session->event_base);
  81. +      evhttp_set_allowed_methods (server->httpd,
  82. +          EVHTTP_REQ_GET |
  83. +          EVHTTP_REQ_POST |
  84. +          EVHTTP_REQ_OPTIONS);
  85.        evhttp_bind_socket (server->httpd, tr_address_to_string (&addr), server->port);
  86.        evhttp_set_gencb (server->httpd, handle_request, server);
  87.      }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!