From 96840c7f1d8e32c26ba608ce860705e87c8584d8 Mon Sep 17 00:00:00 2001 From: a-luz Date: Mon, 4 Nov 2024 11:31:45 -0300 Subject: [PATCH 1/3] Add cors handler --- config.namespaced-example.edn | 5 +++++ config.nested-example.edn | 7 +++++++ src/triangulum/config_namespaced_spec.clj | 2 ++ src/triangulum/config_nested_spec.clj | 2 ++ src/triangulum/handler.clj | 15 +++++++++++++++ 5 files changed, 31 insertions(+) diff --git a/config.namespaced-example.edn b/config.namespaced-example.edn index 06ebb45..d10ee3f 100644 --- a/config.namespaced-example.edn +++ b/config.namespaced-example.edn @@ -23,6 +23,11 @@ :triangulum.handler/private-response-keys #{} :triangulum.handler/upload-max-size-mb 100 :triangulum.handler/upload-max-file-count 10 + :triangulum.handler/cors? false + :triangulum.handler/cors-headers {"Access-Control-Allow-Origin" "https://example.com" + "Access-Control-Allow-Methods" "GET, POST, PUT, DELETE" + "Access-Control-Allow-Headers" "Content-Type, Authorization" + "Access-Control-Allow-Credentials" "true"} ;; workers (server) :triangulum.worker/workers [{:triangulum.worker/name "scheduler" diff --git a/config.nested-example.edn b/config.nested-example.edn index d824b87..9262c51 100644 --- a/config.nested-example.edn +++ b/config.nested-example.edn @@ -28,6 +28,13 @@ :workers {:scheduler {:start product-ns.jobs/start-scheduled-jobs! :stop product-ns.jobs/stop-scheduled-jobs!}} + ;; cors + :cors? false + :cors-headers {"Access-Control-Allow-Origin" "https://example.com" + "Access-Control-Allow-Methods" "GET, POST, PUT, DELETE" + "Access-Control-Allow-Headers" "Content-Type, Authorization" + "Access-Control-Allow-Credentials" "true"} + ;; response :response-type :json} ; :edn or :transit diff --git a/src/triangulum/config_namespaced_spec.clj b/src/triangulum/config_namespaced_spec.clj index 9501417..24acc4f 100644 --- a/src/triangulum/config_namespaced_spec.clj +++ b/src/triangulum/config_namespaced_spec.clj @@ -39,6 +39,8 @@ :triangulum.handler/bad-tokens :triangulum.handler/upload-max-size-mb :triangulum.handler/upload-max-file-count + :triangulum.handler/cors-headers + :triangulum.handler/cors? :triangulum.worker/workers :triangulum.response/response-type]))) diff --git a/src/triangulum/config_nested_spec.clj b/src/triangulum/config_nested_spec.clj index ca8920c..27a33a5 100644 --- a/src/triangulum/config_nested_spec.clj +++ b/src/triangulum/config_nested_spec.clj @@ -25,6 +25,8 @@ :triangulum.handler/private-response-keys :triangulum.handler/upload-max-size-mb :triangulum.handler/upload-max-file-count + :triangulum.handler/cors-headers + :triangulum.handler/cors? :triangulum.worker/workers :triangulum.response/response-type])) diff --git a/src/triangulum/handler.clj b/src/triangulum/handler.clj index 38be164..bc56ffc 100644 --- a/src/triangulum/handler.clj +++ b/src/triangulum/handler.clj @@ -182,6 +182,21 @@ (cookie-store {:key (-> (random-string 16) (string-to-bytes))})) +(defn wrap-cors-routes + "Adds CORS headers for specific routes" + [handler] + (fn [{:keys [uri headers] :as request}] + (let [cors-config (get-config :handler :cors) + routes (->> (get-config :triangulum.handler/routing-tables) + (map (comp deref resolve-foreign-symbol)) + (apply merge)) + route (some (fn [[key value]] + (when (= (second key) uri) + {key value})) routes)] + (if (get-in route [1 :cors?]) + (handler (assoc request :headers (merge headers cors-config))) + (handler request))))) + ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; Upload Configuration ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; From 7a3f0ff838f2acece57aecfad6c62317033116fd Mon Sep 17 00:00:00 2001 From: a-luz Date: Mon, 4 Nov 2024 11:34:03 -0300 Subject: [PATCH 2/3] Add cors handler to stack --- src/triangulum/handler.clj | 1 + 1 file changed, 1 insertion(+) diff --git a/src/triangulum/handler.clj b/src/triangulum/handler.clj index bc56ffc..6fad95f 100644 --- a/src/triangulum/handler.clj +++ b/src/triangulum/handler.clj @@ -263,6 +263,7 @@ (wrap-content-type-options :nosniff) wrap-response-logging wrap-gzip + wrap-cors-routes wrap-exceptions (optional-middleware wrap-reload reload?))) From 63f0f46cd5d3eb175bd2000fa941e4c68ed37710 Mon Sep 17 00:00:00 2001 From: a-luz Date: Mon, 4 Nov 2024 11:51:16 -0300 Subject: [PATCH 3/3] Removing unused key --- config.namespaced-example.edn | 1 - config.nested-example.edn | 1 - src/triangulum/config_namespaced_spec.clj | 1 - src/triangulum/config_nested_spec.clj | 1 - src/triangulum/handler.clj | 4 ++-- 5 files changed, 2 insertions(+), 6 deletions(-) diff --git a/config.namespaced-example.edn b/config.namespaced-example.edn index d10ee3f..639d22d 100644 --- a/config.namespaced-example.edn +++ b/config.namespaced-example.edn @@ -23,7 +23,6 @@ :triangulum.handler/private-response-keys #{} :triangulum.handler/upload-max-size-mb 100 :triangulum.handler/upload-max-file-count 10 - :triangulum.handler/cors? false :triangulum.handler/cors-headers {"Access-Control-Allow-Origin" "https://example.com" "Access-Control-Allow-Methods" "GET, POST, PUT, DELETE" "Access-Control-Allow-Headers" "Content-Type, Authorization" diff --git a/config.nested-example.edn b/config.nested-example.edn index 9262c51..edc2bf4 100644 --- a/config.nested-example.edn +++ b/config.nested-example.edn @@ -29,7 +29,6 @@ :stop product-ns.jobs/stop-scheduled-jobs!}} ;; cors - :cors? false :cors-headers {"Access-Control-Allow-Origin" "https://example.com" "Access-Control-Allow-Methods" "GET, POST, PUT, DELETE" "Access-Control-Allow-Headers" "Content-Type, Authorization" diff --git a/src/triangulum/config_namespaced_spec.clj b/src/triangulum/config_namespaced_spec.clj index 24acc4f..05161eb 100644 --- a/src/triangulum/config_namespaced_spec.clj +++ b/src/triangulum/config_namespaced_spec.clj @@ -40,7 +40,6 @@ :triangulum.handler/upload-max-size-mb :triangulum.handler/upload-max-file-count :triangulum.handler/cors-headers - :triangulum.handler/cors? :triangulum.worker/workers :triangulum.response/response-type]))) diff --git a/src/triangulum/config_nested_spec.clj b/src/triangulum/config_nested_spec.clj index 27a33a5..8ae8050 100644 --- a/src/triangulum/config_nested_spec.clj +++ b/src/triangulum/config_nested_spec.clj @@ -26,7 +26,6 @@ :triangulum.handler/upload-max-size-mb :triangulum.handler/upload-max-file-count :triangulum.handler/cors-headers - :triangulum.handler/cors? :triangulum.worker/workers :triangulum.response/response-type])) diff --git a/src/triangulum/handler.clj b/src/triangulum/handler.clj index 6fad95f..cb8de90 100644 --- a/src/triangulum/handler.clj +++ b/src/triangulum/handler.clj @@ -186,14 +186,14 @@ "Adds CORS headers for specific routes" [handler] (fn [{:keys [uri headers] :as request}] - (let [cors-config (get-config :handler :cors) + (let [cors-config (get-config :handler :cors-headers) routes (->> (get-config :triangulum.handler/routing-tables) (map (comp deref resolve-foreign-symbol)) (apply merge)) route (some (fn [[key value]] (when (= (second key) uri) {key value})) routes)] - (if (get-in route [1 :cors?]) + (if (get-in route [1 :cors]) (handler (assoc request :headers (merge headers cors-config))) (handler request)))))