From c37cedf06e804097e744900e56315f98a8992dc9 Mon Sep 17 00:00:00 2001 From: Ed Summers Date: Thu, 16 Dec 2010 11:52:38 -0500 Subject: [PATCH] some more doc --- sugar/middleware/cors.py | 26 +++++++++++++++++++++----- sugar/tests.py | 2 +- 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/sugar/middleware/cors.py b/sugar/middleware/cors.py index e64f2fb..733022f 100644 --- a/sugar/middleware/cors.py +++ b/sugar/middleware/cors.py @@ -1,8 +1,10 @@ +from django.conf import settings + class CORSMiddleware(object): """ - Middleware that serves up JSON media types with a CORS header to - allow people to use your JSON data from JavaScript without requiring - them to proxy it. + Middleware that serves up representations with a CORS header to + allow third parties to use your web api from JavaScript without + requiring them to proxy it. See: http://www.w3.org/TR/cors/ Implement @@ -11,12 +13,26 @@ class CORSMiddleware(object): 'sugar.middleware.cors.CORSMiddleware', + This will inject all your 'application/json' responses with: + + Access-Control-Allow-Origin: * + + Optionally you can configure the mediatypes you'd like to have be served + up with CORS in your settings: + + CORS = [ + "{ + ["application/json", "application/x-suggestions+json"], + "Access-Control-Allow-Origin": "*" + } + ] + hmmm... not sure what to do here (yet) + """ def __init__(self): # should any others be added here? - self.json_mediatypes = ["application/json", - "application/x-suggestions+json",] + self.json_mediatypes = ["application/json"] def process_response(self, request, response): # just get the mediatype (strip charset) diff --git a/sugar/tests.py b/sugar/tests.py index 1ec3939..83d0986 100644 --- a/sugar/tests.py +++ b/sugar/tests.py @@ -48,7 +48,7 @@ def test_middleware(self): cors = CORSMiddleware() request = HttpRequest() response = HttpResponse('["foo"]', - mimetype='application/json') + mimetype='application/json') cors.process_response(request, response) self.assertEqual(response['access-control-allow-origin'], '*')