Allow override of default options response

2017-04-12 11:52:02 +02:00 · 2017-04-12 11:52:02 +02:00 · 5600cf2d6e
parent b2a8ae8c85
commit 5600cf2d6e
3 changed files with 33 additions and 3 deletions
--- a/cors_test.go
+++ b/cors_test.go
@ -2,6 +2,7 @@ package tusd_test

 import (
 	"net/http"
+	"net/http/httptest"
 	"testing"

 	. "github.com/tus/tusd"
@ -46,4 +47,31 @@ func TestCORS(t *testing.T) {
 			},
 		}).Run(handler, t)
 	})
+
+	SubTest(t, "AppendHeaders", func(t *testing.T, store *MockFullDataStore) {
+		handler, _ := NewHandler(Config{
+			DataStore: store,
+		})
+
+		req, _ := http.NewRequest("OPTIONS", "", nil)
+		req.Header.Set("Tus-Resumable", "1.0.0")
+		req.Header.Set("Origin", "tus.io")
+		req.Host = "tus.io"
+
+		res := httptest.NewRecorder()
+		res.HeaderMap.Set("Access-Control-Allow-Headers", "HEADER")
+		res.HeaderMap.Set("Access-Control-Allow-Methods", "METHOD")
+		handler.ServeHTTP(res, req)
+
+		headers := res.HeaderMap["Access-Control-Allow-Headers"]
+		methods := res.HeaderMap["Access-Control-Allow-Methods"]
+
+		if headers[0] != "HEADER" {
+			t.Errorf("expected header to contain HEADER but got: %#v", headers)
+		}
+
+		if methods[0] != "METHOD" {
+			t.Errorf("expected header to contain HEADER but got: %#v", methods)
+		}
+	})
 }
--- a/docs/hooks.md
+++ b/docs/hooks.md
@ -50,6 +50,8 @@ The process of the hook files are provided with information about the event and
 }
 ```

+Be aware that this environment does *not* contain direct data from any HTTP request, in particular not any header values or cookies. If you would like to pass information from the client to the hook, such as authentication details, you may wish to use the [metadata system](http://tus.io/protocols/resumable-upload.html#upload-metadata).
+
 ## Blocking and Non-Blocking Hooks

 If not otherwise noted, all hooks are invoked in a *non-blocking* way, meaning that tusd will not wait until the hook process has finished and exited. Therefore, the hook process is not able to influence how tusd may continue handling the current request, regardless of which exit code it may set. Furthermore, the hook process' stdout and stderr will be piped to tusd's stdout and stderr correspondingly, allowing one to use these channels for additional logging.
--- a/unrouted_handler.go
+++ b/unrouted_handler.go
@ -157,13 +157,13 @@ func (handler *UnroutedHandler) Middleware(h http.Handler) http.Handler {

 			if r.Method == "OPTIONS" {
 				// Preflight request
-				header.Set("Access-Control-Allow-Methods", "POST, GET, HEAD, PATCH, DELETE, OPTIONS")
-				header.Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Upload-Length, Upload-Offset, Tus-Resumable, Upload-Metadata")
+				header.Add("Access-Control-Allow-Methods", "POST, GET, HEAD, PATCH, DELETE, OPTIONS")
+				header.Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Upload-Length, Upload-Offset, Tus-Resumable, Upload-Metadata")
 				header.Set("Access-Control-Max-Age", "86400")

 			} else {
 				// Actual request
-				header.Set("Access-Control-Expose-Headers", "Upload-Offset, Location, Upload-Length, Tus-Version, Tus-Resumable, Tus-Max-Size, Tus-Extension, Upload-Metadata")
+				header.Add("Access-Control-Expose-Headers", "Upload-Offset, Location, Upload-Length, Tus-Version, Tus-Resumable, Tus-Max-Size, Tus-Extension, Upload-Metadata")
 			}
 		}