0.6.1: fix cors bug

joway · Jul 30, 2019 · 0fff414 · 0fff414
1 parent cdaf115
commit 0fff414
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 2 deletions.
diff --git a/lemon/config.py b/lemon/config.py
@@ -42,6 +42,7 @@ def __getitem__(self, key: str):
     'LEMON_CORS_ENABLE': False,
     'LEMON_CORS_ALLOW_METHODS': ['GET', 'POST', 'PUT', 'DELETE', 'HEAD', 'PATCH'],
     'LEMON_CORS_ALLOW_HEADERS': [],
+    'LEMON_CORS_ORIGIN_ALLOW_ALL': False,
     'LEMON_CORS_EXPOSE_HEADERS': [],
     'LEMON_CORS_ALLOW_CREDENTIALS': False,
     'LEMON_CORS_ORIGIN_WHITELIST': [],

diff --git a/lemon/middleware.py b/lemon/middleware.py
@@ -28,6 +28,7 @@ async def cors_middleware(ctx: Context, nxt: typing.Callable):
     # settings
     LEMON_CORS_ORIGIN_WHITELIST = settings.LEMON_CORS_ORIGIN_WHITELIST
     LEMON_CORS_ORIGIN_REGEX_WHITELIST = settings.LEMON_CORS_ORIGIN_REGEX_WHITELIST
+    LEMON_CORS_ORIGIN_ALLOW_ALL = settings.LEMON_CORS_ORIGIN_ALLOW_ALL
     LEMON_CORS_ALLOW_METHODS = settings.LEMON_CORS_ALLOW_METHODS
     LEMON_CORS_ALLOW_HEADERS = settings.LEMON_CORS_ALLOW_HEADERS
     LEMON_CORS_EXPOSE_HEADERS = settings.LEMON_CORS_EXPOSE_HEADERS
@@ -75,7 +76,10 @@ async def cors_middleware(ctx: Context, nxt: typing.Callable):
         return
 
     # cross origin request
-    ctx.res.headers['access-control-allow-origin'] = origin
+    if LEMON_CORS_ORIGIN_ALLOW_ALL:
+        ctx.res.headers['access-control-allow-origin'] = '*'
+    else:
+        ctx.res.headers['access-control-allow-origin'] = origin
     if LEMON_CORS_ALLOW_CREDENTIALS:
         ctx.res.headers['access-control-allow-credentials'] = 'true'
     if LEMON_CORS_EXPOSE_HEADERS:

diff --git a/setup.py b/setup.py
@@ -1,6 +1,6 @@
 from setuptools import setup
 
-PACKAGE_VERSION = '0.6.0'
+PACKAGE_VERSION = '0.6.1'
 PACKAGE_REQUIRES = [
     'uvicorn==0.8.4',
     'kua==0.2',