Created
July 16, 2013 19:35
-
-
Save doapp-ryanp/6011897 to your computer and use it in GitHub Desktop.
geddy cors
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
this.before(function(){ | |
var res = this.response; | |
if ('OPTIONS' == this.request.method) { | |
res.setHeaders(200,{ | |
'Content-Type': 'text/plain', | |
'Access-Control-Allow-Origin': '*', | |
'Access-Control-Allow-Methods': 'GET, PUT, POST, DELETE, OPTIONS', | |
'Access-Control-Allow-Headers': 'Content-Type, Authorization, X-Requested-With', | |
'Access-Control-Max-Age': 5184000 //2 months | |
}); | |
res.finish(); | |
return; | |
} | |
else { | |
this.response.resp.setHeader('Access-Control-Allow-Origin', '*'); | |
} | |
}); |
I haven't dealt with this personally, but don't you need a route set up to handle OPTIONS requests? The default resource routes only map REST verbs to CRUD actions, so OPTIONS would give you a 405 before you hit the action on the controller.
Thanks @mde, that fixed the problem indeed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm new to geddy, and I presume one would put this in the controller? I see you handle an OPTIONS request, but oddly my .before() filter isn't firing when the request is OPTIONS, does yours? If so then maybe I've found a bug in the version I'm running. Which version did you test this on?