packages feed

wai-cors 0.1.2 → 0.1.3

raw patch · 5 files changed

+101/−72 lines, 5 files

Files

CHANGELOG.md view
@@ -1,3 +1,8 @@+0.1.3+=====++*   Improved documentation+ 0.1.2 ===== 
README.md view
@@ -1,3 +1,5 @@+[![Build Status](https://travis-ci.org/alephcloud/wai-cors.svg?branch=master)](https://travis-ci.org/alephcloud/wai-cors)+ Cross-Origin Resource Sharing (CORS) For Wai ============================================ 
constraints view
@@ -1,55 +1,56 @@-constraints: MonadRandom == 0.1.13-           , array == 0.5.0.0-           , attoparsec == 0.11.3.4-           , base == 4.7.0.0-           , base-unicode-symbols == 0.2.2.4-           , blaze-builder == 0.3.3.2-           , bytestring == 0.10.4.0-           , case-insensitive == 1.2.0.0-           , charset == 0.3.7-           , comonad == 4.2-           , conduit == 1.1.2.1-           , conduit-extra == 1.1.0.3-           , containers == 0.5.5.1-           , contravariant == 0.5.1-           , deepseq == 1.3.0.2-           , directory == 1.2.1.0-           , distributive == 0.4.3.2-           , either == 4.1.2-           , errors == 1.4.7-           , exceptions == 0.6.1-           , filepath == 1.3.0.2-           , ghc-prim == 0.3.1.0-           , hashable == 1.2.2.0-           , http-types == 0.8.4-           , integer-gmp == 0.5.1.0-           , lifted-base == 0.2.2.2-           , mmorph == 1.0.3-           , monad-control == 0.3.3.0-           , mtl == 2.1.3.1-           , nats == 0.2-           , network == 2.5.0.0-           , old-locale == 1.0.0.6-           , parsec == 3.1.5-           , parsers == 0.11.0.1-           , primitive == 0.5.3.0-           , random == 1.0.1.1-           , resourcet == 1.1.2.2-           , rts == 1.0-           , safe == 0.3.4-           , scientific == 0.3.2.0-           , semigroupoids == 4.0.2-           , semigroups == 0.14-           , streaming-commons == 0.1.2.4-           , tagged == 0.7.2-           , text == 1.1.1.2-           , time == 1.4.2-           , transformers == 0.3.0.0-           , transformers-base == 0.4.2-           , transformers-compat == 0.1.1.1-           , unix == 2.7.0.1-           , unordered-containers == 0.2.4.0-           , vault == 0.3.0.3-           , void == 0.6.1-           , wai == 2.1.0.2-           , zlib == 0.5.4.1+constraints: MonadRandom ==0.1.13,+             array ==0.5.0.0,+             attoparsec ==0.11.3.4,+             base ==4.7.0.0,+             base-unicode-symbols ==0.2.2.4,+             blaze-builder ==0.3.3.2,+             bytestring ==0.10.4.0,+             case-insensitive ==1.2.0.0,+             charset ==0.3.7,+             comonad ==4.2,+             conduit ==1.1.2.1,+             conduit-extra ==1.1.0.3,+             containers ==0.5.5.1,+             contravariant ==0.5.1,+             deepseq ==1.3.0.2,+             directory ==1.2.1.0,+             distributive ==0.4.3.2,+             either ==4.1.2,+             errors ==1.4.7,+             exceptions ==0.6.1,+             filepath ==1.3.0.2,+             ghc-prim ==0.3.1.0,+             hashable ==1.2.2.0,+             http-types ==0.8.4,+             integer-gmp ==0.5.1.0,+             lifted-base ==0.2.2.2,+             mmorph ==1.0.3,+             monad-control ==0.3.3.0,+             mtl ==2.1.3.1,+             nats ==0.2,+             network ==2.5.0.0,+             old-locale ==1.0.0.6,+             parsec ==3.1.5,+             parsers ==0.11.0.1,+             primitive ==0.5.3.0,+             random ==1.0.1.1,+             resourcet ==1.1.2.2,+             rts ==1.0,+             safe ==0.3.4,+             scientific ==0.3.2.0,+             semigroupoids ==4.0.2,+             semigroups ==0.14,+             streaming-commons ==0.1.2.4,+             tagged ==0.7.2,+             text ==1.1.1.2,+             time ==1.4.2,+             transformers ==0.3.0.0,+             transformers-base ==0.4.2,+             transformers-compat ==0.1.1.1,+             unix ==2.7.0.1,+             unordered-containers ==0.2.4.0,+             vault ==0.3.0.3,+             void ==0.6.1,+             wai ==2.1.0.2,+             wai-cors ==0.1.3,+             zlib ==0.5.4.1
src/Network/Wai/Middleware/Cors.hs view
@@ -14,6 +14,26 @@ -- | An implemenation of Cross-Origin resource sharing (CORS) for WAI that -- aims to be compliant with <http://www.w3.org/TR/cors>. --+-- The function 'simpleCors' enables support of simple cross-origin requests.+--+-- The following is an example how to enable support for simple cross-origin requests+-- for a <http://hackage.haskell.org/package/scotty scotty> application.+--+-- > {-# LANGUAGE UnicodeSyntax #-}+-- > {-# LANGUAGE OverloadedStrings #-}+-- >+-- > module Main+-- > ( main+-- > ) where+-- >+-- > import Network.Wai.Middleware.Cors+-- > import Web.Scotty+-- >+-- > main ∷ IO ()+-- > main = scotty 8080 $ do+-- >     middleware simpleCors+-- >     matchAny  "/" $ text "Success"+-- module Network.Wai.Middleware.Cors ( Origin , CorsResourcePolicy(..)@@ -176,10 +196,10 @@ -- for the HTTP response headers @Access-Control-Allow-Headers@ and -- @Access-Control-Allow-Methods@ all values specified in the -- 'CorsResourcePolicy' together with the respective values for simple requests--- (except @content-type@). This does not imply that the respective values are--- actually supported for the Resource by the application. Thus, depending on--- the application, an actual request may still fail with 404 even if the--- preflight request /supported/ the usage of the HTTP method with CORS.+-- (except @content-type@). This does not imply that the application actually+-- supports the respective values are for the requested resource. Thus,+-- depending on the application, an actual request may still fail with 404 even+-- if the preflight request /supported/ the usage of the HTTP method with CORS. -- -- The implementation does not distinguish between simple requests and requests -- that require preflight. The client is free to omit a preflight request or do@@ -190,9 +210,9 @@ -- -- /TODO/ ----- * We may consider adding enforcment aspects to this module: we may check if---   a request respects our origin restrictions and we may check that a CORS---   request respects the restrictions that we publish in the preflight+-- * We may consider adding optional enforcment aspects to this module: we may+--   check if a request respects our origin restrictions and we may check that a+--   CORS request respects the restrictions that we publish in the preflight --   responses. -- -- * Even though slightly out of scope we may (optionally) check if@@ -200,9 +220,9 @@ --   using CORS may expect this, since this check is recommended in --   <http://www.w3.org/TR/cors>. ----- * We may consider integrating CORS policy handling more---   closely with the handling of the source, for instance---   by integrating with 'ActionM' from scotty.+-- * We may consider integrating CORS policy handling more closely with the+--   handling of the source, for instance by integrating with 'ActionM' from+--   scotty. -- cors     ∷ (WAI.Request → Maybe CorsResourcePolicy) -- ^ A value of 'Nothing' indicates that the resource is not available for CORS@@ -318,12 +338,13 @@ -- | A CORS middleware that supports simple cross-origin requests for all -- resources. ----- It does not check if the resource corresponds to the restrictions for--- simple requests. This is in accordance with <http://www.w3.org/TR/cors/>.--- The client (user-agent) is supposed to enforcement CORS policy. The--- role of the server to provide the client with the respective policy constraints.+-- This middleware does not check if the resource corresponds to the+-- restrictions for simple requests. This is in accordance with+-- <http://www.w3.org/TR/cors/>. The client (user-agent) is supposed to+-- enforcement CORS policy. The role of the server is to provide the client+-- with the respective policy constraints. ----- It is out of the scope of the this middleware if the server chooses to+-- It is out of the scope of the this module if the server chooses to -- enforce rules on its resources in relation to CORS policy itself. -- simpleCors ∷ WAI.Middleware@@ -397,7 +418,7 @@ isSubsetOf ∷ Eq α ⇒ [α] → [α] → Bool isSubsetOf l1 l2 = intersect l1 l2 ≡ l1 --- Add HTTP headers to a WAI response+-- | Add HTTP headers to a WAI response -- addHeaders ∷ HTTP.ResponseHeaders → WAI.Response → ReqMonad WAI.Response addHeaders hdrs res = do
wai-cors.cabal view
@@ -3,7 +3,7 @@ -- ------------------------------------------------------ --  Name: wai-cors-Version: 0.1.2+Version: 0.1.3 Synopsis: CORS for WAI  Description: