Hi: https://github.com/apache/incubator-apisix/pull/840
Features are duplicated, but for CORS this plugin is easier to use. On Tue, Jan 7, 2020 at 10:31 AM Ming Wen <[email protected]> wrote: > Hi, dequan, > looks good to me. We can discuss the details in PR. > > Thanks, > Ming Wen, Apache APISIX > Twitter: _WenMing > > > li dequan <[email protected]> 于2020年1月7日周二 上午10:17写道: > > > Hi: > > > > Add a CORS plugin to APISIX. > > > > The following is the code of the cors plugin > > > > -- > > -- Created by IntelliJ IDEA. > > -- User: lidequan > > -- Date: 2019-10-10 > > -- Time: 20:40 > > -- To change this template use File | Settings | File Templates. > > -- > > local func = require("apisix.libs.func") > > local core = require("apisix.core") > > local ngx = require("ngx") > > > > local schema = { > > type = "object", > > properties = { > > enable = { type = "boolean", default = true, enum = { true, false > > } }, > > origin = { > > description = "Access-Control-Allow-Origin", > > type = "string", > > default = "*", -- 秒 > > }, > > methods = { > > description = "Access-Control-Allow-method", > > type = "string", > > default='GET, POST, OPTIONS, DELETE, PATCH, HEAD, CONNECT, > > TRACE', > > }, > > headers = { > > description = "Access-Control-Allow-Headers", > > type = "string", > > default = > > > "DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization" > > }, > > credentials ={ > > description = "Access-Control-Allow-Credentials", > > type = "boolean", > > default = true, > > enum = { true, false } > > } > > } > > } > > > > local plugin_name = "odin-cors" > > > > local _M = { > > version = 0.1, > > priority = 2901, > > name = plugin_name, > > schema = schema, > > } > > > > function _M.check_schema(conf) > > local ok, err = core.schema.check(schema, conf) > > > > if not ok then > > return false, err > > end > > > > return true > > end > > > > function _M.access(conf, ctx) > > if not conf.enable then > > return > > end > > > > local access_control_vars = { > > methods = "Access-Control-Allow-Methods", > > headers = "Access-Control-Allow-Headers", > > credentials = "Access-Control-Allow-Credentials" > > } > > > > -- 设置origin > > if not func.empty(conf.origin) then > > local headers = ngx.req.get_headers() > > if not func.empty(headers.origin) then > > local from, _, _ = ngx.re.find(conf.origin, headers.origin) > > if from then > > core.response.set_header("Access-Control-Allow-Origin", > > headers.origin) > > end > > end > > end > > > > for key, name in pairs(access_control_vars) do > > if conf[key] then > > core.response.set_header(name, conf[key]) > > end > > end > > > > end > > > > return _M > > > > > -- *MembPhis* My github: https://github.com/membphis Apache APISIX: https://github.com/apache/incubator-apisix
