Hi, Benoit and devs. I am working a little bit every day on the CORS rewrite. If you could, would you please review the code in progress?
The policy implementation is 400 LOC now and nearly complete. Features: 1. A single .erl file 2. Purely functional, parameterized, (uses no couch code besides trivial ?b2l(), couch_util, etc.) 3. Given a global policy, a local policy (_security object), a method, and list of headers, it returns the CORS response headers 4. For convenience, omit the global policy and we break rule 2 and pull it from couch_config 5. The local policy is also optional, since _security objects may be milling/degenerate. In other words, the only file worth reading is this one, but the Couch CORS community appreciates if you can glance at it. Maybe we can get the ball rolling on easy stuff like style and customs while Benoit, Randall and I pound out the remainder. https://github.com/jhs/couchdb/blob/newcors/src/couchdb/couch_cors_policy.erl Oh, also, I will rewrite the Git history before proposing a patchset so pardon the mess. Thanks! -- Iris Couch
