opt: preflight cache max age

bittorrent · Sep 11, 2023 · b5f5e5f · b5f5e5f
1 parent 510e7fe
commit b5f5e5f
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 7 deletions.
diff --git a/s3/consts/consts.go b/s3/consts/consts.go
@@ -173,6 +173,7 @@ const (
 	AccessControlAllowHeaders     = "Access-Control-Allow-Headers"
 	AccessControlExposeHeaders    = "Access-Control-Expose-Headers"
 	AccessControlAllowCredentials = "Access-Control-Allow-Credentials"
+	AccessControlMaxAge           = "Access-Control-Max-Age"
 )
 
 // object const

diff --git a/s3/handlers/handlers.go b/s3/handlers/handlers.go
@@ -9,14 +9,15 @@ import (
 	"github.com/bittorrent/go-btfs/s3/services/object"
 	"github.com/bittorrent/go-btfs/s3/services/sign"
 	"github.com/bittorrent/go-btfs/s3/utils/hash"
+	"net/http"
 	"net/url"
 	"runtime"
 )
 
 var _ Handlerser = (*Handlers)(nil)
 
 type Handlers struct {
-	headers map[string][]string
+	headers http.Header
 	acksvc  accesskey.Service
 	sigsvc  sign.Service
 	objsvc  object.Service

diff --git a/s3/handlers/handlers_middlewares.go b/s3/handlers/handlers_middlewares.go
@@ -9,18 +9,20 @@ import (
 	"github.com/bittorrent/go-btfs/s3/services/accesskey"
 	rscors "github.com/rs/cors"
 	"net/http"
+	"strconv"
 	"time"
 )
 
 func (h *Handlers) Cors(handler http.Handler) http.Handler {
 	headers := h.headers
-	cred := len(headers[consts.AccessControlAllowCredentials]) > 0 &&
-		headers[consts.AccessControlAllowCredentials][0] == "true"
+	cred := headers.Get(consts.AccessControlAllowCredentials) == "true"
+	maxAge, _ := strconv.Atoi(headers.Get(consts.AccessControlMaxAge))
 	ch := rscors.New(rscors.Options{
-		AllowedOrigins:   headers[consts.AccessControlAllowOrigin],
-		AllowedMethods:   headers[consts.AccessControlAllowMethods],
-		AllowedHeaders:   headers[consts.AccessControlExposeHeaders],
-		ExposedHeaders:   headers[consts.AccessControlAllowHeaders],
+		AllowedOrigins:   headers.Values(consts.AccessControlAllowOrigin),
+		AllowedMethods:   headers.Values(consts.AccessControlAllowMethods),
+		AllowedHeaders:   headers.Values(consts.AccessControlAllowHeaders),
+		ExposedHeaders:   headers.Values(consts.AccessControlExposeHeaders),
+		MaxAge:           maxAge,
 		AllowCredentials: cred,
 	})
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

diff --git a/s3/handlers/options.go b/s3/handlers/options.go
@@ -48,12 +48,15 @@ var defaultCorsHeaders = []string{
 	"*",
 }
 
+const defaultCorsMaxAge = "36000"
+
 var defaultHeaders = map[string][]string{
 	consts.AccessControlAllowOrigin:      {"*"},
 	consts.AccessControlAllowMethods:     defaultCorsMethods,
 	consts.AccessControlAllowHeaders:     defaultCorsHeaders,
 	consts.AccessControlExposeHeaders:    defaultCorsHeaders,
 	consts.AccessControlAllowCredentials: {"true"},
+	consts.AccessControlMaxAge:           {defaultCorsMaxAge},
 }
 
 type Option func(handlers *Handlers)