allowing use complex values on push_stream_allowed_origins directive

746e14a9 · Wandenberg · 80f8ba54 · 746e14a9 · 746e14a9 · 746e14a9
Commit 746e14a9 authored Oct 30, 2013 by Wandenberg
6 changed files
--- a/include/ngx_http_push_stream_module.h
+++ b/include/ngx_http_push_stream_module.h
@@ -95,7 +95,7 @@ typedef struct {
    ngx_http_complex_value_t       *user_agent;
    ngx_str_t                       padding_by_user_agent;
    ngx_http_push_stream_padding_t *paddings;
-    ngx_str_t                       allowed_origins;
+    ngx_http_complex_value_t       *allowed_origins;
 } ngx_http_push_stream_loc_conf_t;
 // shared memory segment name

--- a/misc/spec/publisher/properties_spec.rb
+++ b/misc/spec/publisher/properties_spec.rb
@@ -381,6 +381,23 @@ describe "Publisher Properties" do
          end
        end
      end
+      it "should accept a complex value" do
+        channel = 'test_access_control_allow_origin_as_complex'
+        nginx_run_server(config.merge(:allowed_origins => "$arg_domain")) do |conf|
+          EventMachine.run do
+            pub = EventMachine::HttpRequest.new(nginx_address + '/pub?id=' + channel + '&domain=test.com').get :head => headers
+            pub.callback do
+              pub.response_header['ACCESS_CONTROL_ALLOW_ORIGIN'].should eql("test.com")
+              pub.response_header['ACCESS_CONTROL_ALLOW_METHODS'].should eql(accepted_methods)
+              pub.response_header['ACCESS_CONTROL_ALLOW_HEADERS'].should eql("If-Modified-Since,If-None-Match,Etag,Event-Id,Event-Type,Last-Event-Id")
+              EventMachine.stop
+            end
+          end
+        end
+      end
    end
    it "should not receive channel info after publish a message when disabled" do

--- a/misc/spec/subscriber/properties_spec.rb
+++ b/misc/spec/subscriber/properties_spec.rb
@@ -664,6 +664,23 @@ describe "Subscriber Properties" do
        end
      end
    end
+    it "should accept a complex value" do
+      channel = 'test_access_control_allow_origin_as_complex'
+      nginx_run_server(config.merge(:allowed_origins => "$arg_domain")) do |conf|
+        EventMachine.run do
+          sub_1 = EventMachine::HttpRequest.new(nginx_address + '/sub/' + channel.to_s + '?domain=test.com').get :head => headers
+          sub_1.stream do |chunk|
+            sub_1.response_header['ACCESS_CONTROL_ALLOW_ORIGIN'].should eql("test.com")
+            sub_1.response_header['ACCESS_CONTROL_ALLOW_METHODS'].should eql("GET")
+            sub_1.response_header['ACCESS_CONTROL_ALLOW_HEADERS'].should eql("If-Modified-Since,If-None-Match,Etag,Event-Id,Event-Type,Last-Event-Id")
+            EventMachine.stop
+          end
+        end
+      end
+    end
  end
  it "should receive the configured header template" do

--- a/src/ngx_http_push_stream_module_publisher.c
+++ b/src/ngx_http_push_stream_module_publisher.c
@@ -37,11 +37,17 @@ ngx_http_push_stream_publisher_handler(ngx_http_request_t *r)
    ngx_http_push_stream_module_ctx_t  *ctx;
    ngx_http_push_stream_requested_channel_t       *channels_ids, *cur;
+    ngx_str_t                                       vv_allowed_origins = ngx_null_string;
    ngx_http_push_stream_set_expires(r, NGX_HTTP_PUSH_STREAM_EXPIRES_EPOCH, 0);
-    if (cf->allowed_origins.len > 0) {
-        ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, &cf->allowed_origins);
+    if (cf->allowed_origins != NULL) {
+        ngx_http_push_stream_complex_value(r, cf->allowed_origins, &vv_allowed_origins);
+    }
+    if (vv_allowed_origins.len > 0) {
+        ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, &vv_allowed_origins);
        const ngx_str_t *header_value = (cf->location_type == NGX_HTTP_PUSH_STREAM_PUBLISHER_MODE_ADMIN) ? &NGX_HTTP_PUSH_STREAM_ALLOW_GET_POST_PUT_DELETE_METHODS : &NGX_HTTP_PUSH_STREAM_ALLOW_GET_POST_PUT_METHODS;
        ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_METHODS, header_value);
        ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_HEADERS, &NGX_HTTP_PUSH_STREAM_ALLOWED_HEADERS);

--- a/src/ngx_http_push_stream_module_setup.c
+++ b/src/ngx_http_push_stream_module_setup.c
@@ -227,7 +227,7 @@ static ngx_command_t    ngx_http_push_stream_commands[] = {
        NULL },
    { ngx_string("push_stream_allowed_origins"),
        NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
-        ngx_conf_set_str_slot,
+        ngx_http_set_complex_value_slot,
        NGX_HTTP_LOC_CONF_OFFSET,
        offsetof(ngx_http_push_stream_loc_conf_t, allowed_origins),
        NULL },
@@ -534,7 +534,7 @@ ngx_http_push_stream_create_loc_conf(ngx_conf_t *cf)
    lcf->user_agent = NULL;
    lcf->padding_by_user_agent.data = NULL;
    lcf->paddings = NULL;
-    lcf->allowed_origins.data = NULL;
+    lcf->allowed_origins = NULL;
    return lcf;
 }
@@ -558,7 +558,6 @@ ngx_http_push_stream_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
    ngx_conf_merge_value(conf->websocket_allow_publish, prev->websocket_allow_publish, 0);
    ngx_conf_merge_value(conf->channel_info_on_publish, prev->channel_info_on_publish, 1);
    ngx_conf_merge_str_value(conf->padding_by_user_agent, prev->padding_by_user_agent, NGX_HTTP_PUSH_STREAM_DEFAULT_PADDING_BY_USER_AGENT);
-    ngx_conf_merge_str_value(conf->allowed_origins, prev->allowed_origins, NGX_HTTP_PUSH_STREAM_DEFAULT_ALLOWED_ORIGINS);
    ngx_conf_merge_uint_value(conf->location_type, prev->location_type, NGX_CONF_UNSET_UINT);
    if (conf->channels_path == NULL) {
@@ -581,6 +580,10 @@ ngx_http_push_stream_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
        conf->user_agent = prev->user_agent;
    }
+    if (conf->allowed_origins == NULL) {
+        conf->allowed_origins = prev->allowed_origins ;
+    }
    if (conf->location_type == NGX_CONF_UNSET_UINT) {
        return NGX_CONF_OK;
    }

--- a/src/ngx_http_push_stream_module_subscriber.c
+++ b/src/ngx_http_push_stream_module_subscriber.c
@@ -54,10 +54,15 @@ ngx_http_push_stream_subscriber_handler(ngx_http_request_t *r)
    ngx_int_t                                       rc;
    ngx_int_t                                       status_code;
    ngx_str_t                                      *explain_error_message;
+    ngx_str_t                                       vv_allowed_origins = ngx_null_string;
    // add headers to support cross domain requests
-    if (cf->allowed_origins.len > 0) {
+    if (cf->allowed_origins != NULL) {
-        ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, &cf->allowed_origins);
+        ngx_http_push_stream_complex_value(r, cf->allowed_origins, &vv_allowed_origins);
+    }
+    if (vv_allowed_origins.len > 0) {
+        ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN, &vv_allowed_origins);
        ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_METHODS, &NGX_HTTP_PUSH_STREAM_ALLOW_GET);
        ngx_http_push_stream_add_response_header(r, &NGX_HTTP_PUSH_STREAM_HEADER_ACCESS_CONTROL_ALLOW_HEADERS, &NGX_HTTP_PUSH_STREAM_ALLOWED_HEADERS);
    }