suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #260 from travis-ci/igor-cors-preflight-cache

Browse Source 
Set Access-Control-Max-Age header for CORS preflight requests to cache them
This commit is contained in:
Igor 2016-05-18 13:56:09 +02:00
commit e876a83d86
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/travis/api/app/cors.rb
View File

@ -15,6 +15,11 @@ class Travis::Api::App
options // do
headers['Access-Control-Allow-Methods'] = "HEAD, GET, POST, PATCH, PUT, DELETE"
headers['Access-Control-Allow-Headers'] = "Content-Type, Authorization, Accept, If-None-Match, If-Modified-Since, X-User-Agent, Travis-API-Version"
# cache OPTIONS for 24 hours to avoid excessive preflight requests and speed up access
# browsers might still limit this value to 10 minutes, see caveats
# http://stackoverflow.com/a/12021982
headers['Access-Control-Max-Age'] = "86400"
end
end
end

4
spec/unit/cors_spec.rb
View File

@ -46,5 +46,9 @@ describe Travis::Api::App::Cors do
it 'sets Access-Control-Allow-Headers' do
headers['Access-Control-Allow-Headers'].should == "Content-Type, Authorization, Accept, If-None-Match, If-Modified-Since, X-User-Agent, Travis-API-Version"
end
it 'sets Access-Control-Max-Age' do
headers['Access-Control-Max-Age'].should == "86400"
end
end
end