feathermost/etc/mitm_cors.py

27 lines
1 KiB
Python

# Script for mitmproxy, used in ../rundev.sh. Not meant to be run directly.
from mitmproxy import http
# More information about CORS: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
ALLOWED_ORIGINS = ["http://localhost:8000"]
ALLOW_HEADERS = "Authorization, *" # Which headers the browser may send
EXPOSE_HEADERS = "Authorization, *" # Which headers the browser may expose to scripts
def allowed_origin(origin):
return origin if origin in ALLOWED_ORIGINS else ALLOWED_ORIGINS[0]
def response(flow):
flow.response.headers["Access-Control-Allow-Origin"] = allowed_origin(flow.request.headers["Origin"])
flow.response.headers["Access-Control-Expose-Headers"] = EXPOSE_HEADERS
def request(flow):
# Hijack CORS OPTIONS request
if flow.request.method == "OPTIONS":
flow.response = http.HTTPResponse.make(200, b"", {
"Access-Control-Allow-Origin": allowed_origin(flow.request.headers["Origin"]),
"Access-Control-Allow-Methods": "GET,POST",
"Access-Control-Allow-Headers": ALLOW_HEADERS,
"Access-Control-Max-Age": "10"
})