From 6867ca43e4337a24b943feabc73373156cb1cb14 Mon Sep 17 00:00:00 2001 From: Badlop Date: Mon, 15 Feb 2010 21:20:39 +0100 Subject: [PATCH] Cross-domain HTTP-Bind support (thanks to Jack Moffitt)(EJAB-1168) --- src/web/ejabberd_http.erl | 2 +- src/web/ejabberd_http_bind.erl | 4 +--- src/web/http_bind.hrl | 32 ++++++++++++++++++++++++++++++++ src/web/mod_http_bind.erl | 14 +++++++++----- 4 files changed, 43 insertions(+), 9 deletions(-) create mode 100644 src/web/http_bind.hrl diff --git a/src/web/ejabberd_http.erl b/src/web/ejabberd_http.erl index 821fffb91..4e1f14320 100644 --- a/src/web/ejabberd_http.erl +++ b/src/web/ejabberd_http.erl @@ -344,7 +344,7 @@ process_request(#state{request_method = Method, request_headers = RequestHeaders, sockmod = SockMod, socket = Socket} = State) - when Method=:='GET' orelse Method=:='HEAD' orelse Method=:='DELETE' -> + when Method=:='GET' orelse Method=:='HEAD' orelse Method=:='DELETE' orelse Method=:='OPTIONS' -> case (catch url_decode_q_split(Path)) of {'EXIT', _} -> process_request(false); diff --git a/src/web/ejabberd_http_bind.erl b/src/web/ejabberd_http_bind.erl index c76125c3c..4e5045899 100644 --- a/src/web/ejabberd_http_bind.erl +++ b/src/web/ejabberd_http_bind.erl @@ -37,6 +37,7 @@ -include("ejabberd.hrl"). -include("jlib.hrl"). -include("ejabberd_http.hrl"). +-include("http_bind.hrl"). -record(http_bind, {id, pid, to, hold, wait, version}). @@ -100,9 +101,6 @@ -define(MAX_PAUSE, 120). % may num of sec a client is allowed to pause % the session --define(CT, {"Content-Type", "text/xml; charset=utf-8"}). --define(HEADER, [?CT]). - %%%---------------------------------------------------------------------- %%% API diff --git a/src/web/http_bind.hrl b/src/web/http_bind.hrl new file mode 100644 index 000000000..e8f25f394 --- /dev/null +++ b/src/web/http_bind.hrl @@ -0,0 +1,32 @@ +%%%---------------------------------------------------------------------- +%%% +%%% ejabberd, Copyright (C) 2002-2010 ProcessOne +%%% +%%% This program is free software; you can redistribute it and/or +%%% modify it under the terms of the GNU General Public License as +%%% published by the Free Software Foundation; either version 2 of the +%%% License, or (at your option) any later version. +%%% +%%% This program is distributed in the hope that it will be useful, +%%% but WITHOUT ANY WARRANTY; without even the implied warranty of +%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +%%% General Public License for more details. +%%% +%%% You should have received a copy of the GNU General Public License +%%% along with this program; if not, write to the Free Software +%%% Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +%%% 02111-1307 USA +%%% +%%%---------------------------------------------------------------------- + +-define(CT_XML, {"Content-Type", "text/xml; charset=utf-8"}). +-define(CT_PLAIN, {"Content-Type", "text/plain"}). + +-define(AC_ALLOW_ORIGIN, {"Access-Control-Allow-Origin", "*"}). +-define(AC_ALLOW_METHODS, {"Access-Control-Allow-Methods", "GET, POST, OPTIONS"}). +-define(AC_ALLOW_HEADERS, {"Access-Control-Allow-Headers", "Content-Type"}). +-define(AC_MAX_AGE, {"Access-Control-Max-Age", "86400"}). + +-define(OPTIONS_HEADER, [?CT_PLAIN, ?AC_ALLOW_ORIGIN, ?AC_ALLOW_METHODS, + ?AC_ALLOW_HEADERS, ?AC_MAX_AGE]). +-define(HEADER, [?CT_XML, ?AC_ALLOW_ORIGIN, ?AC_ALLOW_HEADERS]). diff --git a/src/web/mod_http_bind.erl b/src/web/mod_http_bind.erl index d913c6d84..bbaeae6c6 100644 --- a/src/web/mod_http_bind.erl +++ b/src/web/mod_http_bind.erl @@ -48,6 +48,7 @@ -include("ejabberd.hrl"). -include("jlib.hrl"). -include("ejabberd_http.hrl"). +-include("http_bind.hrl"). %% Duplicated from ejabberd_http_bind. %% TODO: move to hrl file. @@ -60,8 +61,8 @@ process([], #request{method = 'POST', data = []}) -> ?DEBUG("Bad Request: no data", []), - {400, [], {xmlelement, "h1", [], - [{xmlcdata, "400 Bad Request"}]}}; + {400, ?HEADER, {xmlelement, "h1", [], + [{xmlcdata, "400 Bad Request"}]}}; process([], #request{method = 'POST', data = Data, ip = IP}) -> @@ -69,11 +70,14 @@ process([], #request{method = 'POST', ejabberd_http_bind:process_request(Data, IP); process([], #request{method = 'GET', data = []}) -> - get_human_html_xmlel(); + {200, ?HEADER, get_human_html_xmlel()}; +process([], #request{method = 'OPTIONS', + data = []}) -> + {200, ?OPTIONS_HEADER, []}; process(_Path, _Request) -> ?DEBUG("Bad Request: ~p", [_Request]), - {400, [], {xmlelement, "h1", [], - [{xmlcdata, "400 Bad Request"}]}}. + {400, ?HEADER, {xmlelement, "h1", [], + [{xmlcdata, "400 Bad Request"}]}}. get_human_html_xmlel() -> Heading = "ejabberd " ++ atom_to_list(?MODULE) ++ " v" ++ ?MOD_HTTP_BIND_VERSION,