diff -ru web2/http_headers.py web2-CardDavMATE/http_headers.py
|
old
|
new
|
|
| 1531 | 1531 | 'Set-Cookie2':(tokenize, parseSetCookie2), |
| 1532 | 1532 | 'Vary':(tokenize, filterTokens), |
| 1533 | 1533 | 'WWW-Authenticate': (lambda h: tokenize(h, foldCase=False), |
| 1534 | | parseWWWAuthenticate,) |
| | 1534 | parseWWWAuthenticate,), |
| | 1535 | |
| | 1536 | # begin CardDavMATE section |
| | 1537 | 'Access-Control-Allow-Origin':(last,), |
| | 1538 | 'Access-Control-Allow-Methods':(last,), |
| | 1539 | 'Access-Control-Allow-Headers':(last,), |
| | 1540 | 'Access-Control-Allow-Credentials':(last,) |
| | 1541 | # end CardDavMATE section |
| 1535 | 1542 | } |
| 1536 | 1543 | |
| 1537 | 1544 | generator_response_headers = { |
| … |
… |
|
| 1545 | 1552 | 'Set-Cookie':(generateSetCookie,), |
| 1546 | 1553 | 'Set-Cookie2':(generateSetCookie2,), |
| 1547 | 1554 | 'Vary':(generateList, singleHeader), |
| 1548 | | 'WWW-Authenticate':(generateWWWAuthenticate,) |
| | 1555 | 'WWW-Authenticate':(generateWWWAuthenticate,), |
| | 1556 | |
| | 1557 | # begin CardDavMATE section |
| | 1558 | 'Access-Control-Allow-Origin':(str, singleHeader), |
| | 1559 | 'Access-Control-Allow-Methods':(str, singleHeader), |
| | 1560 | 'Access-Control-Allow-Headers':(str, singleHeader), |
| | 1561 | 'Access-Control-Allow-Credentials':(str, singleHeader) |
| | 1562 | # end CardDavMATE section |
| 1549 | 1563 | } |
| 1550 | 1564 | |
| 1551 | 1565 | parser_entity_headers = { |
diff -ru web2/server.py web2-CardDavMATE/server.py
|
old
|
new
|
|
| 58 | 58 | response.headers.setHeader('server', VERSION) |
| 59 | 59 | if not response.headers.hasHeader('date'): |
| 60 | 60 | response.headers.setHeader('date', time.time()) |
| | 61 | |
| | 62 | # begin CardDavMATE section |
| | 63 | if not response.headers.hasHeader('Access-Control-Allow-Origin'): |
| | 64 | response.headers.setHeader('Access-Control-Allow-Origin', '*') |
| | 65 | if not response.headers.hasHeader('Access-Control-Allow-Methods'): |
| | 66 | response.headers.setHeader('Access-Control-Allow-Methods','GET,POST,OPTIONS,PROPFIND,REPORT,PUT,DELETE') |
| | 67 | if not response.headers.hasHeader('Access-Control-Allow-Headers'): |
| | 68 | response.headers.setHeader('Access-Control-Allow-Headers','User-Agent,Authorization,Content-type,Depth,If-match,If-None-Match,X-client') |
| | 69 | if not response.headers.hasHeader('Access-Control-Allow-Credentials'): |
| | 70 | response.headers.setHeader('Access-Control-Allow-Credentials','true') |
| | 71 | # end CardDavMATE section |
| | 72 | |
| 61 | 73 | return response |
| 62 | 74 | defaultHeadersFilter.handleErrors = True |
| 63 | 75 | |
| … |
… |
|
| 354 | 366 | example. This would also be the place to do any CONNECT |
| 355 | 367 | processing.""" |
| 356 | 368 | |
| 357 | | if self.method == "OPTIONS" and self.uri == "*": |
| | 369 | if self.method == "OPTIONS": |
| 358 | 370 | response = http.Response(responsecode.OK) |
| 359 | 371 | response.headers.setHeader('allow', ('GET', 'HEAD', 'OPTIONS', 'TRACE')) |
| 360 | 372 | return response |
