GitHub/gf-core
1
0
Fork 1
mirror of https://github.com/GrammaticalFramework/gf-core.git synced 2026-04-22 19:22:50 -06:00
Code Issues Packages Projects Releases Wiki Activity

Allow cross origin requests to GF cloud & PGF services

Browse Source 
By adding a header

	Access-Control-Allow-Origin: *

to the HTTP responses, web browsers are informed that it is OK to call the
services from web pages hosted on other sites.

This is apparently supported in most modern browsers, so it should no longer
be necessary to resort to JSONP.

See https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS
This commit is contained in:
hallgren
2013-07-25 16:04:43 +00:00
parent 0087456c7a
commit e07a74df01
2 changed files with 24 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/compiler/GFServer.hs
View File

@@ -339,16 +339,16 @@ jsonp qs = json200' $ maybe id apply (lookup "jsonp" qs)
apply f json = f++"("++json++")" apply f json = f++"("++json++")"
-- * Standard HTTP responses -- * Standard HTTP responses
ok200 = Response 200 [plainUTF8,noCache] . encodeString ok200 = Response 200 [plainUTF8,noCache,xo] . encodeString
ok200' t = Response 200 [t] ok200' t = Response 200 [t,xo]
json200 x = json200' id x json200 x = json200' id x
json200' f = ok200' jsonUTF8 . encodeString . f . encode json200' f = ok200' jsonUTF8 . encodeString . f . encode
html200 = ok200' htmlUTF8 . encodeString html200 = ok200' htmlUTF8 . encodeString
resp204 = Response 204 [] "" -- no content resp204 = Response 204 [xo] "" -- no content
resp400 msg = Response 400 [plain] $ "Bad request: "++msg++"\n" resp400 msg = Response 400 [plain,xo] $ "Bad request: "++msg++"\n"
resp404 path = Response 404 [plain] $ "Not found: "++path++"\n" resp404 path = Response 404 [plain,xo] $ "Not found: "++path++"\n"
resp500 msg = Response 500 [plain] $ "Internal error: "++msg++"\n" resp500 msg = Response 500 [plain,xo] $ "Internal error: "++msg++"\n"
resp501 msg = Response 501 [plain] $ "Not implemented: "++msg++"\n" resp501 msg = Response 501 [plain,xo] $ "Not implemented: "++msg++"\n"
instance Error Response where instance Error Response where
noMsg = resp500 "no message" noMsg = resp500 "no message"
@@ -360,6 +360,8 @@ plainUTF8 = ct "text/plain; charset=UTF-8"
jsonUTF8 = ct "text/javascript; charset=UTF-8" jsonUTF8 = ct "text/javascript; charset=UTF-8"
htmlUTF8 = ct "text/html; charset=UTF-8" htmlUTF8 = ct "text/html; charset=UTF-8"
ct t = ("Content-Type",t) ct t = ("Content-Type",t)
xo = ("Access-Control-Allow-Origin","*") -- Allow cross origin requests
-- https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS
contentTypeFromExt ext = contentTypeFromExt ext =
case ext of case ext of
@@ -441,7 +443,9 @@ utf8inputs q = [(decodeString k,(decodeString v,v))|(k,v)<-inputs q]
decoded = mapSnd fst decoded = mapSnd fst
raw = mapSnd snd raw = mapSnd snd
inputs = decodeQuery inputs ('?':q) = decodeQuery q
inputs q = decodeQuery q
{- {-
-- Stay clear of queryToArgument, which uses unEscapeString, which had -- Stay clear of queryToArgument, which uses unEscapeString, which had
-- backward incompatible changes in network-2.4.1.1, see -- backward incompatible changes in network-2.4.1.1, see

17
src/server/FastCGIUtils.hs
View File

@@ -22,7 +22,8 @@ import System.Posix
#endif #endif
--import Network.FastCGI --import Network.FastCGI
import Network.CGI import Network.CGI(CGI,CGIResult,setHeader,output,outputFPS,outputError,
getInput,catchCGI,throwCGI)
import Text.JSON import Text.JSON
import qualified Codec.Binary.UTF8.String as UTF8 (encodeString) import qualified Codec.Binary.UTF8.String as UTF8 (encodeString)
@@ -153,9 +154,10 @@ throwCGIError :: Int -> String -> [String] -> CGI a
throwCGIError c m t = throwCGI $ toException $ CGIError c m t throwCGIError c m t = throwCGI $ toException $ CGIError c m t
handleCGIErrors :: CGI CGIResult -> CGI CGIResult handleCGIErrors :: CGI CGIResult -> CGI CGIResult
handleCGIErrors x = x `catchCGI` \e -> case fromException e of handleCGIErrors x =
Nothing -> throw e x `catchCGI` \e -> case fromException e of
Just (CGIError c m t) -> outputError c m t Nothing -> throw e
Just (CGIError c m t) -> do setXO; outputError c m t
-- * General CGI and JSON stuff -- * General CGI and JSON stuff
@@ -174,11 +176,13 @@ outputEncodedJSONP json =
outputPNG :: BS.ByteString -> CGI CGIResult outputPNG :: BS.ByteString -> CGI CGIResult
outputPNG x = do outputPNG x = do
setHeader "Content-Type" "image/png" setHeader "Content-Type" "image/png"
setXO
outputFPS x outputFPS x
outputBinary :: BS.ByteString -> CGI CGIResult outputBinary :: BS.ByteString -> CGI CGIResult
outputBinary x = do outputBinary x = do
setHeader "Content-Type" "application/binary" setHeader "Content-Type" "application/binary"
setXO
outputFPS x outputFPS x
outputHTML :: String -> CGI CGIResult outputHTML :: String -> CGI CGIResult
@@ -192,9 +196,12 @@ outputPlain x = do
outputStrict $ UTF8.encodeString x outputStrict $ UTF8.encodeString x
outputStrict :: String -> CGI CGIResult outputStrict :: String -> CGI CGIResult
outputStrict x | x == x = output x outputStrict x | x == x = do setXO ; output x
| otherwise = fail "I am the pope." | otherwise = fail "I am the pope."
setXO = setHeader "Access-Control-Allow-Origin" "*"
-- https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS
-- * General utilities -- * General utilities
splitBy :: (a -> Bool) -> [a] -> [[a]] splitBy :: (a -> Bool) -> [a] -> [[a]]