Permalink
Browse files

allow SSS webpy interface to be accessible via a JavaScript cross-sit…

…e script (which will enable deposit from javascript client environments in remote interfaces)
  • Loading branch information...
1 parent 5fd8c77 commit af939d67830c804ff33de43dc88127f8eb38a1d7 @richard-jones richard-jones committed Jul 11, 2012
Showing with 10 additions and 0 deletions.
  1. +10 −0 sss/webpy.py
View
@@ -74,6 +74,12 @@
class SwordHttpHandler(object):
+ def OPTIONS(self, collection):
+ web.header('Access-Control-Allow-Origin', '*')
+ web.header('Access-Control-Allow-Headers', 'Content-Disposition, Content-Type, Packaging, Authorization')
+ web.header('Access-Control-Allow-Method', '*')
+ return
+
def read_to_tmp(self, web):
# the incoming body content is in wsgi.input, which is a file-like object
# but which only supports "read", not useful extras like "seek", so we
@@ -103,6 +109,10 @@ def http_basic_authenticate(self, web):
# extract the appropriate HTTP headers
auth_header = web.ctx.env.get('HTTP_AUTHORIZATION')
obo = web.ctx.env.get(HEADER_MAP[HttpHeaders.on_behalf_of])
+
+ web.header('Access-Control-Allow-Origin', '*')
+ web.header('Access-Control-Allow-Headers', 'Content-Disposition, Content-Type, Packaging, Authorization')
+ web.header('Access-Control-Allow-Method', '*')
# if we're not supplied with an auth header, bounce
if auth_header is None:

0 comments on commit af939d6

Please sign in to comment.