fix: allow all cors headers and methods (#225)

This commit is contained in:
sigoden 2023-06-02 19:07:43 +08:00 committed by GitHub
parent 57b4a74279
commit 27c269d6a0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 8 deletions

View file

@ -1286,17 +1286,15 @@ fn add_cors(res: &mut Response) {
.typed_insert(AccessControlAllowCredentials); .typed_insert(AccessControlAllowCredentials);
res.headers_mut().insert( res.headers_mut().insert(
"Access-Control-Allow-Methods", "Access-Control-Allow-Methods",
HeaderValue::from_static("GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"), HeaderValue::from_static("*"),
); );
res.headers_mut().insert( res.headers_mut().insert(
"Access-Control-Allow-Headers", "Access-Control-Allow-Headers",
HeaderValue::from_static("Authorization,Destination,Range,Content-Type"), HeaderValue::from_static("Authorization,*"),
); );
res.headers_mut().insert( res.headers_mut().insert(
"Access-Control-Expose-Headers", "Access-Control-Expose-Headers",
HeaderValue::from_static( HeaderValue::from_static("Authorization,*"),
"WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition",
),
); );
} }

View file

@ -19,15 +19,15 @@ fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
); );
assert_eq!( assert_eq!(
resp.headers().get("access-control-allow-methods").unwrap(), resp.headers().get("access-control-allow-methods").unwrap(),
"GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE" "*"
); );
assert_eq!( assert_eq!(
resp.headers().get("access-control-allow-headers").unwrap(), resp.headers().get("access-control-allow-headers").unwrap(),
"Authorization,Destination,Range,Content-Type" "Authorization,*"
); );
assert_eq!( assert_eq!(
resp.headers().get("access-control-expose-headers").unwrap(), resp.headers().get("access-control-expose-headers").unwrap(),
"WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition" "Authorization,*"
); );
Ok(()) Ok(())
} }