Commit 746e14a9 authored by Wandenberg's avatar Wandenberg

allowing use complex values on push_stream_allowed_origins directive

parent 80f8ba54
......@@ -95,7 +95,7 @@ typedef struct {
ngx_http_complex_value_t *user_agent;
ngx_str_t padding_by_user_agent;
ngx_http_push_stream_padding_t *paddings;
ngx_str_t allowed_origins;
ngx_http_complex_value_t *allowed_origins;
} ngx_http_push_stream_loc_conf_t;
// shared memory segment name
......
......@@ -381,6 +381,23 @@ describe "Publisher Properties" do
end
end
end
it "should accept a complex value" do
channel = 'test_access_control_allow_origin_as_complex'
nginx_run_server(config.merge(:allowed_origins => "$arg_domain")) do |conf|
EventMachine.run do
pub = EventMachine::HttpRequest.new(nginx_address + '/pub?id=' + channel + '&domain=test.com').get :head => headers
pub.callback do
pub.response_header['ACCESS_CONTROL_ALLOW_ORIGIN'].should eql("test.com")
pub.response_header['ACCESS_CONTROL_ALLOW_METHODS'].should eql(accepted_methods)
pub.response_header['ACCESS_CONTROL_ALLOW_HEADERS'].should eql("If-Modified-Since,If-None-Match,Etag,Event-Id,Event-Type,Last-Event-Id")
EventMachine.stop
end
end
end
end
end
it "should not receive channel info after publish a message when disabled" do
......
......@@ -664,6 +664,23 @@ describe "Subscriber Properties" do
end
end
end
it "should accept a complex value" do
channel = 'test_access_control_allow_origin_as_complex'
nginx_run_server(config.merge(:allowed_origins => "$arg_domain")) do |conf|
EventMachine.run do
sub_1 = EventMachine::HttpRequest.new(nginx_address + '/sub/' + channel.to_s + '?domain=test.com').get :head => headers
sub_1.stream do |chunk|
sub_1.response_header['ACCESS_CONTROL_ALLOW_ORIGIN'].should eql("test.com")
sub_1.response_header['ACCESS_CONTROL_ALLOW_METHODS'].should eql("GET")
sub_1.response_header['ACCESS_CONTROL_ALLOW_HEADERS'].should eql("If-Modified-Since,If-None-Match,Etag,Event-Id,Event-Type,Last-Event-Id")
EventMachine.stop
end
end
end
end
end
it "should receive the configured header template" do
......
......@@ -37,11 +37,17 @@ ngx_http_push_stream_publisher_handler(ngx_http_request_t *r)
ngx_http_push_stream_module_ctx_t *ctx;
ngx_http_push_stream_requested_channel_t *channels_ids, *cur;
ngx_str_t vv_allowed_origins = ngx_null_string;
ngx_http_push_stream_set_expires(r, NGX_HTTP_PUSH_STREAM_EXPIRES_EPOCH, 0);
if (cf->allowed_origins.len > 0) {
ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, &cf->allowed_origins);
if (cf->allowed_origins != NULL) {
ngx_http_push_stream_complex_value(r, cf->allowed_origins, &vv_allowed_origins);
}
if (vv_allowed_origins.len > 0) {
ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, &vv_allowed_origins);
const ngx_str_t *header_value = (cf->location_type == NGX_HTTP_PUSH_STREAM_PUBLISHER_MODE_ADMIN) ? &NGX_HTTP_PUSH_STREAM_ALLOW_GET_POST_PUT_DELETE_METHODS : &NGX_HTTP_PUSH_STREAM_ALLOW_GET_POST_PUT_METHODS;
ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_METHODS, header_value);
ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_HEADERS, &NGX_HTTP_PUSH_STREAM_ALLOWED_HEADERS);
......
......@@ -227,7 +227,7 @@ static ngx_command_t ngx_http_push_stream_commands[] = {
NULL },
{ ngx_string("push_stream_allowed_origins"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
ngx_conf_set_str_slot,
ngx_http_set_complex_value_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_push_stream_loc_conf_t, allowed_origins),
NULL },
......@@ -534,7 +534,7 @@ ngx_http_push_stream_create_loc_conf(ngx_conf_t *cf)
lcf->user_agent = NULL;
lcf->padding_by_user_agent.data = NULL;
lcf->paddings = NULL;
lcf->allowed_origins.data = NULL;
lcf->allowed_origins = NULL;
return lcf;
}
......@@ -558,7 +558,6 @@ ngx_http_push_stream_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_value(conf->websocket_allow_publish, prev->websocket_allow_publish, 0);
ngx_conf_merge_value(conf->channel_info_on_publish, prev->channel_info_on_publish, 1);
ngx_conf_merge_str_value(conf->padding_by_user_agent, prev->padding_by_user_agent, NGX_HTTP_PUSH_STREAM_DEFAULT_PADDING_BY_USER_AGENT);
ngx_conf_merge_str_value(conf->allowed_origins, prev->allowed_origins, NGX_HTTP_PUSH_STREAM_DEFAULT_ALLOWED_ORIGINS);
ngx_conf_merge_uint_value(conf->location_type, prev->location_type, NGX_CONF_UNSET_UINT);
if (conf->channels_path == NULL) {
......@@ -581,6 +580,10 @@ ngx_http_push_stream_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
conf->user_agent = prev->user_agent;
}
if (conf->allowed_origins == NULL) {
conf->allowed_origins = prev->allowed_origins ;
}
if (conf->location_type == NGX_CONF_UNSET_UINT) {
return NGX_CONF_OK;
}
......
......@@ -54,10 +54,15 @@ ngx_http_push_stream_subscriber_handler(ngx_http_request_t *r)
ngx_int_t rc;
ngx_int_t status_code;
ngx_str_t *explain_error_message;
ngx_str_t vv_allowed_origins = ngx_null_string;
// add headers to support cross domain requests
if (cf->allowed_origins.len > 0) {
ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, &cf->allowed_origins);
if (cf->allowed_origins != NULL) {
ngx_http_push_stream_complex_value(r, cf->allowed_origins, &vv_allowed_origins);
}
if (vv_allowed_origins.len > 0) {
ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, &vv_allowed_origins);
ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_METHODS, &NGX_HTTP_PUSH_STREAM_ALLOW_GET);
ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_HEADERS, &NGX_HTTP_PUSH_STREAM_ALLOWED_HEADERS);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment