| a | b | |
|---|
| 29 | 29 | | |
|---|
| 30 | 30 | | |
|---|
| 31 | 31 | | [https://origin.tld] |
|---|
| ... | |
|---|
| 32 | | - | allowed_methods = GET, PUT, POST, DELETE |
|---|
| 32 | + | allow_methods = GET, PUT, POST, DELETE |
|---|
| ... | |
|---|
| 33 | 33 | | allow_headers = x-couchdb-... |
|---|
| 34 | 34 | | allow_credentials = true |
|---|
| 35 | 35 | | allow_server_admins = true |
|---|
| ... | |
|---|
| 52 | 52 | | |
|---|
| 53 | 53 | | work flow : |
|---|
| 54 | 54 | | |
|---|
| ... | |
|---|
| 55 | | - | is origins list not empty in ini |
|---|
| 55 | | - | no -> is admin set ? |
|---|
| 55 | + | is origins list empty in ini |
|---|
| 55 | + | yes -> is admin set ? |
|---|
| ... | |
|---|
| 57 | 57 | | yes -> stop |
|---|
| 58 | 58 | | no -> return "*" , credentials false (with a good caching policy) |
|---|
| ... | |
|---|
| 59 | | - | yes -> |
|---|
| 59 | | - | |
|---|
| 59 | | - | is origin in .ini ? |
|---|
| 59 | | - | yes -> use cors rules for it |
|---|
| 59 | | - | no -> are we on a db resource ? |
|---|
| 59 | | - | yes -> are origins in db sec obj |
|---|
| 59 | | - | |
|---|
| 59 | | - | yes -> |
|---|
| 59 | | - | is origin in list ? |
|---|
| 59 | | - | no -> stop |
|---|
| 59 | | - | yes -> ... |
|---|
| 59 | + | no -> |
|---|
| 59 | + | is origin in .ini ? |
|---|
| 59 | + | yes -> |
|---|
| 59 | + | is origin in list ? |
|---|
| 59 | + | yes -> |
|---|
| 59 | + | set the cors headers based on .ini |
|---|
| 59 | + | then are we on a db resource ? |
|---|
| 59 | + | yes -> |
|---|
| 59 | + | apply the intersection of .ini with db resource |
|---|
| 59 | + | no -> stop |
|---|
| 59 | + | no -> |
|---|
| 59 | + | <bikeshed defaults> |
|---|
| ... | |
|---|