1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
use crate::http::Method;
use crate::request::Request;
use crate::validater::ReqError;
#[derive(Default)]
pub struct Cors {
pub access_control_allow_origin: Option<Vec<String>>,
pub access_control_allow_headers: Option<Vec<String>>,
pub access_control_allow_methods: Option<Vec<Method>>,
pub access_control_allow_credential: Option<bool>,
}
impl Cors {
pub fn validate_request(&self, req: &Request) -> (bool, ReqError) {
match &self.access_control_allow_origin {
Some(origin) => {
return self.validate_origin(&req, origin);
}
None => (),
}
match &self.access_control_allow_headers {
Some(headers) => {
return self.validate_headers(&req, headers);
}
None => (),
}
match &self.access_control_allow_methods {
Some(methods) => {
return self.validate_methods(&req, methods);
}
None => (),
}
match &self.access_control_allow_credential {
Some(credential) => {
return self.validate_credential(&req, credential);
}
None => (),
}
(true, ReqError::Empty)
}
fn validate_origin(&self, req: &Request, origins: &Vec<String>) -> (bool, ReqError) {
match req.header.elements.get("Host:") {
Some(origin) => {
for allowed_origin in origins {
if origin == allowed_origin {
return (true, ReqError::Empty);
}
}
return (false, ReqError::IsNotAllowedOrigin);
}
None => (false, ReqError::IsInvalid),
}
}
fn validate_headers(&self, req: &Request, headers: &Vec<String>) -> (bool, ReqError) {
for (header, _) in &req.header.elements {
if !headers.contains(&header) {
return (false, ReqError::IsNotAllowedHeader);
}
}
(true, ReqError::Empty)
}
fn validate_methods(&self, req: &Request, methods: &Vec<Method>) -> (bool, ReqError) {
for allowed_method in methods {
if &req.method == allowed_method {
return (true, ReqError::Empty);
}
}
(false, ReqError::IsNotAllowedMethod)
}
fn validate_credential(&self, _: &Request, _: &bool) -> (bool, ReqError) {
(true, ReqError::Empty)
}
}
pub fn allow_everything() -> Cors {
Cors {
..Default::default()
}
}