From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Wed, 11 Jan 2017 13:50:17 +0000 (+0000)
Subject: [Feature] Add CORS support to the controller
X-Git-Tag: 1.5.0~371
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=be333bcd20ec9f6ce27075e71c4952f8bd626d4f;p=thirdparty%2Frspamd.git

[Feature] Add CORS support to the controller
---

diff --git a/src/controller.c b/src/controller.c
index cae23d3114..06eb6f0df7 100644
--- a/src/controller.c
+++ b/src/controller.c
@@ -2627,6 +2627,61 @@ rspamd_controller_handle_plugins (struct rspamd_http_connection_entry *conn_ent,
 	return 0;
 }
 
+/*
+ * Called on unknown methods and is used to deal with CORS as per
+ * https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
+ */
+static int
+rspamd_controller_handle_unknown (struct rspamd_http_connection_entry *conn_ent,
+	struct rspamd_http_message *msg)
+{
+	struct rspamd_http_message *rep;
+
+	if (msg->method == HTTP_OPTIONS) {
+		/* Assume CORS request */
+
+		rep = rspamd_http_new_message (HTTP_RESPONSE);
+		rep->date = time (NULL);
+		rep->code = 200;
+		rep->status = rspamd_fstring_new_init ("OK", 2);
+		rspamd_http_message_add_header (rep, "Access-Control-Allow-Methods",
+				"POST, GET, OPTIONS");
+		rspamd_http_message_add_header (rep, "Access-Control-Allow-Headers",
+						"Content-Type, Password, Map");
+		rspamd_http_connection_reset (conn_ent->conn);
+		rspamd_http_router_insert_headers (conn_ent->rt, rep);
+		rspamd_http_connection_write_message (conn_ent->conn,
+				rep,
+				NULL,
+				"text/plain",
+				conn_ent,
+				conn_ent->conn->fd,
+				conn_ent->rt->ptv,
+				conn_ent->rt->ev_base);
+		conn_ent->is_reply = TRUE;
+	}
+	else {
+		rep = rspamd_http_new_message (HTTP_RESPONSE);
+		rep->date = time (NULL);
+		rep->code = 500;
+		rep->status = rspamd_fstring_new_init ("Invalid method",
+				strlen ("Invalid method"));
+		rspamd_http_connection_reset (conn_ent->conn);
+		rspamd_http_router_insert_headers (conn_ent->rt, rep);
+		rspamd_http_connection_write_message (conn_ent->conn,
+				rep,
+				NULL,
+				"text/plain",
+				conn_ent,
+				conn_ent->conn->fd,
+				conn_ent->rt->ptv,
+				conn_ent->rt->ev_base);
+		conn_ent->is_reply = TRUE;
+	}
+
+	return 0;
+}
+
 static int
 rspamd_controller_handle_lua_plugin (struct rspamd_http_connection_entry *conn_ent,
 	struct rspamd_http_message *msg)
@@ -3504,6 +3559,9 @@ start_controller_worker (struct rspamd_worker *worker)
 				"Access-Control-Allow-Origin", "*");
 	}
 
+	rspamd_http_router_set_unknown_handler (ctx->http,
+			rspamd_controller_handle_unknown);
+
 	ctx->resolver = dns_resolver_init (worker->srv->logger,
 			ctx->ev_base,
 			worker->srv->cfg);
diff --git a/src/libutil/http.c b/src/libutil/http.c
index deed78a1a8..eec53b515b 100644
--- a/src/libutil/http.c
+++ b/src/libutil/http.c
@@ -3187,6 +3187,15 @@ rspamd_http_router_add_path (struct rspamd_http_connection_router *router,
 	}
 }
 
+void
+rspamd_http_router_set_unknown_handler (struct rspamd_http_connection_router *router,
+		rspamd_http_router_handler_t handler)
+{
+	if (router != NULL) {
+		router->unknown_method_handler = handler;
+	}
+}
+
 void
 rspamd_http_router_add_header (struct rspamd_http_connection_router *router,
 		const gchar *name, const gchar *value)
diff --git a/src/libutil/http.h b/src/libutil/http.h
index 3bad64ae2d..3f5288eca6 100644
--- a/src/libutil/http.h
+++ b/src/libutil/http.h
@@ -468,6 +468,14 @@ void rspamd_http_router_add_path (struct rspamd_http_connection_router *router,
 void rspamd_http_router_add_header (struct rspamd_http_connection_router *router,
 		const gchar *name, const gchar *value);
 
+/**
+ * Sets method to handle unknown request methods
+ * @param router
+ * @param handler
+ */
+void rspamd_http_router_set_unknown_handler (struct rspamd_http_connection_router *router,
+		rspamd_http_router_handler_t handler);
+
 /**
  * Inserts router headers to the outbound message
  * @param router