diff options
-rw-r--r-- | dependencyinjection/dicontainer.php | 18 | ||||
-rw-r--r-- | external/newsapi.php | 4 | ||||
-rw-r--r-- | middleware/corsmiddleware.php | 53 |
3 files changed, 74 insertions, 1 deletions
diff --git a/dependencyinjection/dicontainer.php b/dependencyinjection/dicontainer.php index 1d47181de..9d9a085b0 100644 --- a/dependencyinjection/dicontainer.php +++ b/dependencyinjection/dicontainer.php @@ -26,6 +26,7 @@ namespace OCA\News\DependencyInjection; use \OCA\AppFramework\DependencyInjection\DIContainer as BaseContainer; +use \OCA\AppFramework\Middleware\MiddlewareDispatcher; use \OCA\News\Controller\PageController; use \OCA\News\Controller\FolderController; @@ -59,6 +60,7 @@ use \OCA\News\Utility\SimplePieFileFactory; use \OCA\News\Utility\ArticleEnhancer\Enhancer; use \OCA\News\Utility\ArticleEnhancer\CyanideAndHappinessEnhancer; +use \OCA\News\Middleware\CORSMiddleware; require_once __DIR__ . '/../3rdparty/htmlpurifier/library/HTMLPurifier.auto.php'; @@ -301,6 +303,22 @@ class DIContainer extends BaseContainer { return new SimplePieFileFactory(); }); + + /** + * Middleware + */ + $this['MiddlewareDispatcher'] = $this->share(function($c){ + $dispatcher = new MiddlewareDispatcher(); + $dispatcher->registerMiddleware($c['HttpMiddleware']); + $dispatcher->registerMiddleware($c['SecurityMiddleware']); + $dispatcher->registerMiddleware($c['CORSMiddleware']); + return $dispatcher; + }); + + $this['CORSMiddleware'] = $this->share(function($c){ + return new CORSMiddleware(); + }); + } } diff --git a/external/newsapi.php b/external/newsapi.php index 24f131ee5..7e8d901d0 100644 --- a/external/newsapi.php +++ b/external/newsapi.php @@ -53,7 +53,9 @@ class NewsAPI extends Controller { */ public function version() { $version = $this->api->getAppValue('installed_version'); - return new JSONResponse(array('version' => $version)); + $response = new JSONResponse(array('version' => $version)); + $response->addHeader('Access-Control-Allow-Origin', '*'); + return $response; } diff --git a/middleware/corsmiddleware.php b/middleware/corsmiddleware.php new file mode 100644 index 000000000..a5d460280 --- /dev/null +++ b/middleware/corsmiddleware.php @@ -0,0 +1,53 @@ +<?php + +/** + * ownCloud - App Framework + * + * @author Bernhard Posselt + * @copyright 2012 Bernhard Posselt dev@bernhard-posselt.com + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see <http://www.gnu.org/licenses/>. + * + */ + + +namespace OCA\News\Middleware; + +use OCA\AppFramework\Http\Response; +use OCA\AppFramework\Middleware\Middleware; +use OCA\AppFramework\Utility\MethodAnnotationReader; + +class CORSMiddleware extends Middleware { + + + /** + * This is being run after a successful controllermethod call and allows + * the manipulation of a Response object. The middleware is run in reverse order + * + * @param Controller $controller the controller that is being called + * @param string $methodName the name of the method that will be called on + * the controller + * @param Response $response the generated response from the controller + * @return Response a Response object + */ + public function afterController($controller, $methodName, Response $response){ + $annotationReader = new MethodAnnotationReader($controller, $methodName); + if($annotationReader->hasAnnotation('API')) { + $response->addHeader('Access-Control-Allow-Origin', '*'); + } + return $response; + } + + +} |