Add support for CORS/HSTS/OSCORE/Interative Client security headers (Issue #266)

author Michael R Sweet <michael.r.sweet@gmail.com>

Tue, 5 Oct 2021 14:45:47 +0000 (10:45 -0400)

committer Michael R Sweet <michael.r.sweet@gmail.com>

Tue, 5 Oct 2021 14:45:47 +0000 (10:45 -0400)
author Michael R Sweet <michael.r.sweet@gmail.com>
Tue, 5 Oct 2021 14:45:47 +0000 (10:45 -0400)
committer Michael R Sweet <michael.r.sweet@gmail.com>
Tue, 5 Oct 2021 14:45:47 +0000 (10:45 -0400)
diff --git a/cups/http.c b/cups/http.c

index 15881aed0b4e0189b6fcfa10e70b998567ea5881..2b5acae145260398bfce339e37b645898a778c38 100644 (file)
--- a/cups/http.c
+++ b/cups/http.c
@@ -107,7 +107,19 @@ static const char * const http_fields[] =
                           "Accept-Encoding",
                           "Allow",
                           "Server",
-                         "Authentication-Info"
+                         "Authentication-Info",
+                         "Access-Control-Allow-Credentials",
+                         "Access-Control-Allow-Headers",
+                         "Access-Control-Allow-Methods",
+                         "Access-Control-Allow-Origin",
+                         "Access-Control-Expose-Headers",
+                         "Access-Control-Max-Age",
+                         "Access-Control-Request-Headers",
+                         "Access-Control-Request-Method",
+                         "Optional-WWW-Authenticate",
+                         "Origin",
+                         "OSCORE",
+                         "Strict-Transport-Security"
                         };
  
  
diff --git a/cups/http.h b/cups/http.h

index 57dd2ebcfb361ee601bffe110715674a231de74b..6c45301e5e663a0a1c02274e17ebfc09ed2c8f08 100644 (file)
--- a/cups/http.h
+++ b/cups/http.h
@@ -176,7 +176,26 @@ typedef enum http_field_e          /**** HTTP field names ****/
    HTTP_FIELD_ACCEPT_ENCODING,          /* Accepting-Encoding field @since CUPS 1.7/macOS 10.9@ */
    HTTP_FIELD_ALLOW,                    /* Allow field @since CUPS 1.7/macOS 10.9@ */
    HTTP_FIELD_SERVER,                   /* Server field @since CUPS 1.7/macOS 10.9@ */
-  HTTP_FIELD_AUTHENTICATION_INFO,      /* Authentication-Info field (@since CUPS 2.2.9) */
+  HTTP_FIELD_AUTHENTICATION_INFO,      /* Authentication-Info field @since CUPS 2.2.9@ */
+  HTTP_FIELD_ACCESS_CONTROL_ALLOW_CREDENTIALS,
+                                       /* CORS/Fetch Access-Control-Allow-Cresdentials field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_ALLOW_HEADERS,
+                                       /* CORS/Fetch Access-Control-Allow-Headers field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_ALLOW_METHODS,
+                                       /* CORS/Fetch Access-Control-Allow-Methods field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_ALLOW_ORIGIN,
+                                       /* CORS/Fetch Access-Control-Allow-Origin field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_EXPOSE_HEADERS,
+                                       /* CORS/Fetch Access-Control-Expose-Headers field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_MAX_AGE,   /* CORS/Fetch Access-Control-Max-Age field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_REQUEST_HEADERS,
+                                       /* CORS/Fetch Access-Control-Request-Headers field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_REQUEST_METHOD,
+                                       /* CORS/Fetch Access-Control-Request-Method field @since CUPS 2.4@ */
+  HTTP_FIELD_OPTIONAL_WWW_AUTHENTICATE,        /* RFC 8053 Optional-WWW-Authenticate field @since CUPS 2.4@ */
+  HTTP_FIELD_ORIGIN,                   /* RFC 6454 Origin field @since CUPS 2.4@ */
+  HTTP_FIELD_OSCORE,                   /* RFC 8613 OSCORE field @since CUPS 2.4@ */
+  HTTP_FIELD_STRICT_TRANSPORT_SECURITY,        /* HSTS Strict-Transport-Security field @since CUPS 2.4@ */
    HTTP_FIELD_MAX                       /* Maximum field index */
  } http_field_t;
author	Michael R Sweet <michael.r.sweet@gmail.com>
	Tue, 5 Oct 2021 14:45:47 +0000 (10:45 -0400)
committer	Michael R Sweet <michael.r.sweet@gmail.com>
	Tue, 5 Oct 2021 14:45:47 +0000 (10:45 -0400)
cups/http.c		patch \| blob \| blame \| history
cups/http.h		patch \| blob \| blame \| history