From 56333d634636bf55e8f6759000fae7aeda851cc5 Mon Sep 17 00:00:00 2001 From: Florian Lahn Date: Tue, 6 Feb 2018 16:45:32 +0100 Subject: [PATCH] added OPTIONS methods for each endpoint regarding CORS --- R/api.R | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 56 insertions(+), 7 deletions(-) diff --git a/R/api.R b/R/api.R index ec8b17f..c812510 100644 --- a/R/api.R +++ b/R/api.R @@ -415,12 +415,17 @@ openeo.server$api.version <- "0.0.1" .cors_filter = function(res) { res$setHeader("Access-Control-Allow-Origin", "*") - res$setHeader("Access-Control-Allow-Headers", "Authorization, Accept, Content-Type") res$setHeader("Access-Control-Allow-Credentials", TRUE) - res$setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS,PATCH") plumber::forward() } +.cors_option_bypass = function(req,res) { + res$setHeader("Access-Control-Allow-Headers", "Authorization, Accept, Content-Type") + res$setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS,PATCH") + + return(res) +} + ############################ # # utility functions @@ -465,12 +470,19 @@ createAPI = function() { "/api/version", handler = .version, serializer = serializer_unboxed_json()) + root$handle("OPTIONS", + "/api/version", + handler = .cors_option_bypass) root$handle("GET", "/api/capabilities", handler = .capabilities, serializer = serializer_unboxed_json()) + root$handle("OPTIONS", + "/api/capabilities", + handler = .cors_option_bypass) + root$registerHook("postroute",.cors_filter) data = plumber$new() @@ -479,11 +491,17 @@ createAPI = function() { "/", handler = .listData, serializer = serializer_unboxed_json()) + data$handle("OPTIONS", + "/", + handler = .cors_option_bypass) data$handle("GET", "/", handler = .describeData, serializer = serializer_unboxed_json()) + data$handle("OPTIONS", + "/", + handler = .cors_option_bypass) root$mount("/api/data",data) @@ -493,11 +511,17 @@ createAPI = function() { "/", handler = .listProcesses, serializer = serializer_unboxed_json()) + process$handle("OPTIONS", + "/", + handler = .cors_option_bypass) process$handle("GET", "/", handler = .describeProcess, serializer = serializer_unboxed_json()) + process$handle("OPTIONS", + "/", + handler = .cors_option_bypass) root$mount("/api/processes",process) @@ -507,16 +531,23 @@ createAPI = function() { "/", handler = .describeJob, serializer = serializer_unboxed_json()) + jobs$handle("OPTIONS", + "/", + handler = .cors_option_bypass) jobs$handle("POST", "/", handler = .createNewJob, serializer = serializer_unboxed_json()) + jobs$handle("OPTIONS", + "/", + handler = .cors_option_bypass) jobs$handle("DELETE", "/", handler = .deleteJob, serializer = serializer_unboxed_json()) + jobs$filter("authorization",.authorized) @@ -528,6 +559,9 @@ createAPI = function() { "//files", handler = .listUserFiles, serializer = serializer_unboxed_json()) + users$handle("OPTIONS", + "//files", + handler = .cors_option_bypass) users$handle("GET", "//files/", @@ -544,11 +578,19 @@ createAPI = function() { handler = .deleteUserData, serializer = serializer_unboxed_json()) + users$handle("OPTIONS", + "//files/", + handler = .cors_option_bypass) + users$handle("GET", "//jobs", handler = .listUserJobs, serializer = serializer_unboxed_json()) + users$handle("OPTIONS", + "//jobs", + handler = .cors_option_bypass) + users$filter("authorization",.authorized) root$mount("/api/users",users) @@ -560,15 +602,22 @@ createAPI = function() { handler = .login, serializer = serializer_unboxed_json()) + authentication$handle("OPTIONS", + "/login", + handler = .cors_option_bypass) + root$mount("/api/auth",authentication) download = plumber$new() - download$handle( - "GET", - "/", - handler = .downloadSimple, - serializer = serializer_unboxed_json()) + download$handle("GET", + "/", + handler = .downloadSimple, + serializer = serializer_unboxed_json()) + + download$handle("OPTIONS", + "/", + handler = .cors_option_bypass) download$filter("authorization", .authorized)