Re: 【DISCUSS】Add CORS Plugin

Mon, 06 Jan 2020 18:31:30 -0800 

Hi, dequan,
looks good to me. We can discuss the details in PR.

Thanks,
Ming Wen, Apache APISIX
Twitter: _WenMing


li dequan <[email protected]> 于2020年1月7日周二 上午10:17写道:

> Hi:
>
> Add a CORS plugin to APISIX.
>
> The following is the code of the cors plugin
>
> --
> -- Created by IntelliJ IDEA.
> -- User: lidequan
> -- Date: 2019-10-10
> -- Time: 20:40
> -- To change this template use File | Settings | File Templates.
> --
> local func = require("apisix.libs.func")
> local core = require("apisix.core")
> local ngx = require("ngx")
>
> local schema = {
>     type = "object",
>     properties = {
>         enable = { type = "boolean", default = true, enum = { true, false
> } },
>         origin = {
>             description = "Access-Control-Allow-Origin",
>             type = "string",
>             default = "*", -- 秒
>         },
>         methods = {
>             description = "Access-Control-Allow-method",
>             type = "string",
>             default='GET, POST, OPTIONS, DELETE, PATCH, HEAD, CONNECT,
> TRACE',
>         },
>         headers = {
>             description = "Access-Control-Allow-Headers",
>             type   = "string",
>             default =
> "DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization"
>         },
>         credentials ={
>             description = "Access-Control-Allow-Credentials",
>             type = "boolean",
>             default = true,
>             enum = { true, false }
>         }
>     }
> }
>
> local plugin_name = "odin-cors"
>
> local _M = {
>     version = 0.1,
>     priority = 2901,
>     name = plugin_name,
>     schema = schema,
> }
>
> function _M.check_schema(conf)
>     local ok, err = core.schema.check(schema, conf)
>
>     if not ok then
>         return false, err
>     end
>
>     return true
> end
>
> function _M.access(conf, ctx)
>     if not conf.enable then
>         return
>     end
>
>     local access_control_vars = {
>         methods = "Access-Control-Allow-Methods",
>         headers = "Access-Control-Allow-Headers",
>         credentials = "Access-Control-Allow-Credentials"
>     }
>
>     -- 设置origin
>     if not func.empty(conf.origin) then
>         local headers = ngx.req.get_headers()
>         if not func.empty(headers.origin) then
>             local from, _, _ = ngx.re.find(conf.origin, headers.origin)
>             if from then
>                 core.response.set_header("Access-Control-Allow-Origin",
> headers.origin)
>             end
>         end
>     end
>
>     for key, name in pairs(access_control_vars) do
>         if conf[key] then
>             core.response.set_header(name, conf[key])
>         end
>     end
>
> end
>
> return _M
>
>

Reply via email to