Fix mitmproxy script to deal with multiple origins
This commit is contained in:
parent
4db66bb8c0
commit
81751369a1
1 changed files with 6 additions and 8 deletions
|
@ -4,26 +4,24 @@ from mitmproxy import http
|
|||
|
||||
# More information about CORS: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
||||
|
||||
ALLOW_ORIGIN = "http://localhost:8000"
|
||||
ALLOWED_ORIGINS = ["http://localhost:8000"]
|
||||
ALLOW_HEADERS = "Authorization, *" # Which headers the browser may send
|
||||
EXPOSE_HEADERS = "Authorization, *" # Which headers the browser may expose to scripts
|
||||
HIDE_ORIGIN = True
|
||||
|
||||
|
||||
def allowed_origin(origin):
|
||||
return origin if origin in ALLOWED_ORIGINS else ALLOWED_ORIGINS[0]
|
||||
|
||||
def response(flow):
|
||||
flow.response.headers["Access-Control-Allow-Origin"] = ALLOW_ORIGIN
|
||||
flow.response.headers["Access-Control-Allow-Origin"] = allowed_origin(flow.request.headers["Origin"])
|
||||
flow.response.headers["Access-Control-Expose-Headers"] = EXPOSE_HEADERS
|
||||
|
||||
def request(flow):
|
||||
# Hijack CORS OPTIONS request
|
||||
if flow.request.method == "OPTIONS":
|
||||
flow.response = http.HTTPResponse.make(200, b"", {
|
||||
"Access-Control-Allow-Origin": ALLOW_ORIGIN,
|
||||
"Access-Control-Allow-Origin": allowed_origin(flow.request.headers["Origin"]),
|
||||
"Access-Control-Allow-Methods": "GET,POST",
|
||||
"Access-Control-Allow-Headers": ALLOW_HEADERS,
|
||||
"Access-Control-Max-Age": "10"
|
||||
})
|
||||
|
||||
# Privacy
|
||||
if HIDE_ORIGIN:
|
||||
flow.request.headers["Origin"] = "null"
|
||||
|
|
Loading…
Reference in a new issue