forked from html5rocks/playground.html5rocks.com
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcorsserver.py
154 lines (119 loc) · 4.65 KB
/
corsserver.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
import logging
from google.appengine.api import memcache
from google.appengine.ext import webapp
from google.appengine.ext.webapp.util import run_wsgi_app
# TODO: Head responses shouldn't have a body.
separator = '========================================'
def getItem(title, key, val):
return title + ' = ' + key + ': ' + val + '\r\n'
def serializeRequest(request):
reqstr = 'REQUEST\r\n======\r\n\r\n'
reqstr += 'url = ' + request.url + '\r\n'
for header, val in request.headers.items():
reqstr += getItem('header', header, val)
for cookie, val in request.cookies.items():
reqstr += getItem('cookie', cookie, val)
return reqstr
def serializeResponse(response):
resstr = 'RESPONSE\r\n========\r\n\r\n'
for header, val in response.headers.items():
resstr += getItem('header', header, val)
return resstr
def getBody(request, response):
body = 'The following requests/responses were logged by the server:\r\n\r\n'
body += serializeRequest(request)
body += '\r\n\r\n'
body += serializeResponse(response) + '\r\n'
return body
class CorsServer(webapp.RequestHandler):
def __isCors(self):
return 'origin' in self.request.headers
def __addCorsHeaders(self, config):
self.response.headers['Access-Control-Allow-Origin'] = self.request.headers['origin']
self.response.headers['Set-Cookie'] = 'cookie-from-server=noop';
if 'credentials' in config and config['credentials'] == True:
self.response.headers['Access-Control-Allow-Credentials'] = 'true'
def __exposeResponseHeaders(self, header_list, response):
for header in header_list:
response.headers[header] = header + '_value'
def __handleCors(self, config):
self.__addCorsHeaders(config)
exposeHeaders = None
if 'exposeHeaders' in config:
exposeHeaders = config['exposeHeaders']
if exposeHeaders:
self.response.headers['Access-Control-Expose-Headers'] = exposeHeaders
self.__exposeResponseHeaders(exposeHeaders.split(','), self.response)
config['body'] = self.__retrieveBody(config)
def __isPreflight(self, httpMethod):
return self.__isCors() and httpMethod == 'OPTIONS' and 'Access-Control-Request-Method' in self.request.headers
def __handlePreflight(self, config):
self.__addCorsHeaders(config)
if config['methods'] != '':
self.response.headers['Access-Control-Allow-Methods'] = config['methods']
if config['headers'] != '':
self.response.headers['Access-Control-Allow-Headers'] = config['headers']
self.__storeBody(config)
def __storeBody(self, config):
body = getBody(self.request, self.response)
id = config['id']
if id is not None:
memcache.set(id, body)
def __retrieveBody(self, config):
body = getBody(self.request, self.response)
id = config['id']
if id is not None:
prevbody = memcache.get(id)
if prevbody is not None:
body = separator + '\r\nPREFLIGHT REQUEST\r\n\r\n' + prevbody + '\r\n' + separator + '\r\nCORS REQUEST\r\n\r\n' + body
memcache.delete(id)
return body
def __getConfig(self):
config = {}
config['enable'] = self.request.get('enable', True)
if self.request.get('credentials') == 'true':
config['credentials'] = True
config['methods'] = self.request.get('methods')
config['headers'] = self.request.get('headers')
config['exposeHeaders'] = self.request.get('exposeHeaders')
config['id'] = self.request.get('id')
httpstatus = self.request.get('httpstatus')
if httpstatus:
config['httpstatus'] = int(httpstatus)
return config
def __sendResponse(self, config):
self.response.headers['Content-Type'] = 'text/plain'
if 'httpstatus' in config:
self.response.set_status(config['httpstatus'])
body = ''
if 'body' in config:
body = config['body']
self.response.headers['Content-Length'] = len(body)
self.response.out.write(body)
def __handleRequest(self, httpMethod):
config = self.__getConfig()
if self.__isCors() and config['enable'] == True:
if self.__isPreflight(httpMethod):
self.__handlePreflight(config)
else:
self.__handleCors(config)
self.__sendResponse(config)
def delete(self):
self.__handleRequest('DELETE')
def get(self):
self.__handleRequest('GET')
def head(self):
self.__handleRequest('HEAD')
def options(self):
self.__handleRequest('OPTIONS')
def post(self):
self.__handleRequest('POST')
def put(self):
self.__handleRequest('PUT')
application = webapp.WSGIApplication([('/cors/server', CorsServer)],
debug=True)
def main():
logging.getLogger().setLevel(logging.DEBUG)
run_wsgi_app(application)
if __name__ == "__main__":
main()