volume: add CORS support

This commit is contained in:
Chris Lu 2020-10-31 16:31:39 -07:00
parent 9708df47d1
commit 05acc33294
2 changed files with 23 additions and 1 deletions

View file

@ -1,10 +1,11 @@
package weed_server
import (
"github.com/chrislusf/seaweedfs/weed/util"
"net/http"
"strings"
"github.com/chrislusf/seaweedfs/weed/util"
"github.com/chrislusf/seaweedfs/weed/glog"
"github.com/chrislusf/seaweedfs/weed/security"
"github.com/chrislusf/seaweedfs/weed/stats"
@ -27,6 +28,10 @@ security settings:
func (vs *VolumeServer) privateStoreHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Server", "SeaweedFS Volume "+util.VERSION)
if r.Header.Get("Origin") != "" {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Credentials", "true")
}
switch r.Method {
case "GET", "HEAD":
stats.ReadRequest()
@ -37,11 +42,18 @@ func (vs *VolumeServer) privateStoreHandler(w http.ResponseWriter, r *http.Reque
case "PUT", "POST":
stats.WriteRequest()
vs.guard.WhiteList(vs.PostHandler)(w, r)
case "OPTIONS":
stats.ReadRequest()
vs.guard.WhiteList(vs.OptionsHandler)(w, r)
}
}
func (vs *VolumeServer) publicReadOnlyHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Server", "SeaweedFS Volume "+util.VERSION)
if r.Header.Get("Origin") != "" {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Credentials", "true")
}
switch r.Method {
case "GET":
stats.ReadRequest()
@ -49,6 +61,9 @@ func (vs *VolumeServer) publicReadOnlyHandler(w http.ResponseWriter, r *http.Req
case "HEAD":
stats.ReadRequest()
vs.GetOrHeadHandler(w, r)
case "OPTIONS":
stats.ReadRequest()
vs.OptionsHandler(w, r)
}
}

View file

@ -270,3 +270,10 @@ func writeResponseContent(filename, mimeType string, rs io.ReadSeeker, w http.Re
})
return nil
}
func (vs *VolumeServer) OptionsHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Add("Access-Control-Allow-Origin", "*")
w.Header().Add("Access-Control-Allow-Methods", "PUT, POST, GET, DELETE, OPTIONS")
w.Header().Add("Access-Control-Allow-Headers", "Content-Type")
w.Header().Add("Access-Control-Allow-Credentials", "true")
}