#include "global_statistics.h"
#include "rrd.h"
#include "rrd2json.h"
+#include "registry.h"
#include "web_client.h"
+#include "../config.h"
#define INITIAL_WEB_DATA_LENGTH 16384
#define WEB_REQUEST_LENGTH 16384
}
w->last_url[0] = '\0';
+ w->cookie[0] = '\0';
w->mode = WEB_CLIENT_MODE_NORMAL;
static uid_t owner_uid = 0;
if(unlikely(!web_owner)) {
- web_owner = config_get("global", "web files owner", NETDATA_USER);
+ web_owner = config_get("global", "web files owner", config_get("global", "run as user", ""));
if(!web_owner || !*web_owner)
owner_uid = geteuid();
else {
+ // getpwnam() is not thread safe,
+ // but we have called this function once
+ // while single threaded
struct passwd *pw = getpwnam(web_owner);
if(!pw) {
error("User %s is not present. Ignoring option.", web_owner);
static gid_t owner_gid = 0;
if(unlikely(!web_group)) {
- web_group = config_get("global", "web files group", config_get("global", "web files owner", NETDATA_USER));
+ web_group = config_get("global", "web files group", config_get("global", "web files owner", ""));
if(!web_group || !*web_group)
owner_gid = getegid();
else {
+ // getgrnam() is not thread safe,
+ // but we have called this function once
+ // while single threaded
struct group *gr = getgrnam(web_group);
if(!gr) {
error("Group %s is not present. Ignoring option.", web_group);
if(!name || !*name) continue;
if(!value || !*value) continue;
- debug(D_WEB_CLIENT, "%llu: API v1 query param '%s' with value '%s'", w->id, name, value);
+ debug(D_WEB_CLIENT, "%llu: API v1 data query param '%s' with value '%s'", w->id, name, value);
// name and value are now the parameters
// they are not null and not empty
return ret;
}
+int web_client_api_request_v1_registry(struct web_client *w, char *url)
+{
+ char person_guid[36 + 1] = "";
+
+ debug(D_WEB_CLIENT, "%llu: API v1 registry with URL '%s'", w->id, url);
+
+ char *cookie = strstr(w->response.data->buffer, " " NETDATA_REGISTRY_COOKIE_NAME "=");
+ if(cookie) {
+ strncpy(person_guid, &cookie[sizeof(NETDATA_REGISTRY_COOKIE_NAME) + 1], 36);
+ person_guid[36] = '\0';
+ }
+
+ char action = '\0';
+ char *machine_guid = NULL,
+ *machine_url = NULL,
+ *url_name = NULL,
+ *search_machine_guid = NULL,
+ *delete_url = NULL;
+
+ while(url) {
+ char *value = mystrsep(&url, "?&[]");
+ if (!value || !*value) continue;
+
+ char *name = mystrsep(&value, "=");
+ if (!name || !*name) continue;
+ if (!value || !*value) continue;
+
+ debug(D_WEB_CLIENT, "%llu: API v1 registry query param '%s' with value '%s'", w->id, name, value);
+
+ if(!strcmp(name, "action")) {
+ if(!strcmp(value, "access")) action = 'A';
+ else if(!strcmp(value, "delete")) action = 'D';
+ else if(!strcmp(value, "search")) action = 'S';
+ }
+ else if(!strcmp(name, "machine"))
+ machine_guid = value;
+
+ else if(!strcmp(name, "url"))
+ machine_url = value;
+
+ else if(action == 'A') {
+ if(!strcmp(name, "name"))
+ url_name = value;
+ }
+ else if(action == 'D') {
+ if(!strcmp(name, "delete_url"))
+ delete_url = value;
+ }
+ else if(action == 'S') {
+ if(!strcmp(name, "for"))
+ search_machine_guid = value;
+ }
+ }
+
+ if((!action || !machine_guid || !machine_url) || (action == 'A' && !url_name) || (action == 'D' && !delete_url) || (action == 'S' && !search_machine_guid)) {
+ buffer_flush(w->response.data);
+ buffer_sprintf(w->response.data, "Invalid registry request - required parameters missing.");
+ return 400;
+ }
+
+ switch(action) {
+ case 'A':
+ return registry_request_access_json(w, person_guid, machine_guid, machine_url, url_name, time(NULL));
+
+ case 'D':
+ return registry_request_delete_json(w, person_guid, machine_guid, machine_url, delete_url, time(NULL));
+
+ case 'S':
+ return registry_request_search_json(w, person_guid, machine_guid, machine_url, search_machine_guid, time(NULL));
+ }
+
+ buffer_flush(w->response.data);
+ buffer_sprintf(w->response.data, "Invalid or no registry action.");
+ return 400;
+}
+
int web_client_api_request_v1(struct web_client *w, char *url)
{
+ static uint32_t data_hash = 0, chart_hash = 0, charts_hash = 0, registry_hash = 0;
+
+ if(unlikely(data_hash == 0)) {
+ data_hash = simple_hash("data");
+ chart_hash = simple_hash("chart");
+ charts_hash = simple_hash("charts");
+ registry_hash = simple_hash("registry");
+ }
+
// get the command
char *tok = mystrsep(&url, "/?&");
- debug(D_WEB_CLIENT, "%llu: Searching for API v1 command '%s'.", w->id, tok);
+ if(tok && *tok) {
+ debug(D_WEB_CLIENT, "%llu: Searching for API v1 command '%s'.", w->id, tok);
+ uint32_t hash = simple_hash(tok);
- if(strcmp(tok, "data") == 0)
- return web_client_api_request_v1_data(w, url);
- else if(strcmp(tok, "chart") == 0)
- return web_client_api_request_v1_chart(w, url);
- else if(strcmp(tok, "charts") == 0)
- return web_client_api_request_v1_charts(w, url);
+ if(hash == data_hash && !strcmp(tok, "data"))
+ return web_client_api_request_v1_data(w, url);
- buffer_flush(w->response.data);
- buffer_sprintf(w->response.data, "Unsupported v1 API command: %s", tok);
- return 404;
+ else if(hash == chart_hash && !strcmp(tok, "chart"))
+ return web_client_api_request_v1_chart(w, url);
+
+ else if(hash == charts_hash && !strcmp(tok, "charts"))
+ return web_client_api_request_v1_charts(w, url);
+
+ else if(hash == registry_hash && !strcmp(tok, "registry"))
+ return web_client_api_request_v1_registry(w, url);
+
+ else {
+ buffer_flush(w->response.data);
+ buffer_sprintf(w->response.data, "Unsupported v1 API command: %s", tok);
+ return 404;
+ }
+ }
+ else {
+ buffer_flush(w->response.data);
+ buffer_sprintf(w->response.data, "API v1 command?");
+ return 400;
+ }
}
int web_client_api_request(struct web_client *w, char *url)
{
// get the api version
char *tok = mystrsep(&url, "/?&");
- debug(D_WEB_CLIENT, "%llu: Searching for API version '%s'.", w->id, tok);
-
- if(strcmp(tok, "v1") == 0)
- return web_client_api_request_v1(w, url);
-
- buffer_flush(w->response.data);
- buffer_sprintf(w->response.data, "Unsupported API version: %s", tok);
- return 404;
+ if(tok && *tok) {
+ debug(D_WEB_CLIENT, "%llu: Searching for API version '%s'.", w->id, tok);
+ if(strcmp(tok, "v1") == 0)
+ return web_client_api_request_v1(w, url);
+ else {
+ buffer_flush(w->response.data);
+ buffer_sprintf(w->response.data, "Unsupported API version: %s", tok);
+ return 404;
+ }
+ }
+ else {
+ buffer_flush(w->response.data);
+ buffer_sprintf(w->response.data, "Which API version?");
+ return 400;
+ }
}
int web_client_data_request(struct web_client *w, char *url, int datasource_type)
{
+ RRDSET *st = NULL;
+
char *args = strchr(url, '?');
if(args) {
*args='\0';
// get the name of the data to show
char *tok = mystrsep(&url, "/");
- debug(D_WEB_CLIENT, "%llu: Searching for RRD data with name '%s'.", w->id, tok);
// do we have such a data set?
- RRDSET *st = rrdset_find_byname(tok);
- if(!st) st = rrdset_find(tok);
+ if(tok && *tok) {
+ debug(D_WEB_CLIENT, "%llu: Searching for RRD data with name '%s'.", w->id, tok);
+ st = rrdset_find_byname(tok);
+ if(!st) st = rrdset_find(tok);
+ }
+
if(!st) {
// we don't have it
// try to send a file with that name
if(url) {
// parse the group count required
tok = mystrsep(&url, "/");
- if(tok) group_count = atoi(tok);
+ if(tok && *tok) group_count = atoi(tok);
if(group_count < 1) group_count = 1;
//if(group_count > save_history / 20) group_count = save_history / 20;
}
if(url) {
// parse the grouping method required
tok = mystrsep(&url, "/");
- if(strcmp(tok, "max") == 0) group_method = GROUP_MAX;
- else if(strcmp(tok, "average") == 0) group_method = GROUP_AVERAGE;
- else if(strcmp(tok, "sum") == 0) group_method = GROUP_SUM;
- else debug(D_WEB_CLIENT, "%llu: Unknown group method '%s'", w->id, tok);
+ if(tok && *tok) {
+ if(strcmp(tok, "max") == 0) group_method = GROUP_MAX;
+ else if(strcmp(tok, "average") == 0) group_method = GROUP_AVERAGE;
+ else if(strcmp(tok, "sum") == 0) group_method = GROUP_SUM;
+ else debug(D_WEB_CLIENT, "%llu: Unknown group method '%s'", w->id, tok);
+ }
}
if(url) {
// parse after time
tok = mystrsep(&url, "/");
- if(tok) after = strtoul(tok, NULL, 10);
+ if(tok && *tok) after = strtoul(tok, NULL, 10);
if(after < 0) after = 0;
}
if(url) {
// parse before time
tok = mystrsep(&url, "/");
- if(tok) before = strtoul(tok, NULL, 10);
+ if(tok && *tok) before = strtoul(tok, NULL, 10);
if(before < 0) before = 0;
}
if(url) {
// parse nonzero
tok = mystrsep(&url, "/");
- if(tok && strcmp(tok, "nonzero") == 0) nonzero = 1;
+ if(tok && *tok && strcmp(tok, "nonzero") == 0) nonzero = 1;
}
w->response.data->contenttype = CT_APPLICATION_JSON;
while(args) {
tok = mystrsep(&args, "&");
- if(tok) {
+ if(tok && *tok) {
char *name = mystrsep(&tok, "=");
- if(name && strcmp(name, "tqx") == 0) {
+ if(name && *name && strcmp(name, "tqx") == 0) {
char *key = mystrsep(&tok, ":");
char *value = mystrsep(&tok, ";");
if(key && value && *key && *value) {
}
*/
+// get the request buffer, just after the GET or OPTIONS
+// and find the url to be decoded, decode it and return
+// a newly allocated buffer with it
+static inline char *find_url_and_decode_it(char *request) {
+ char *e = request, *url = NULL;
+
+ // find the SPACE + "HTTP/"
+ while(*e) {
+ // find the space
+ while (*e && *e != ' ') e++;
+
+ // is it SPACE + "HTTP/" ?
+ if(*e && !strncmp(e, " HTTP/", 6))
+ break;
+ }
+
+ if(*e) {
+ // we have the end
+ *e = '\0';
+ url = url_decode(request);
+ *e = ' ';
+ }
+
+ return url;
+}
+
void web_client_process(struct web_client *w) {
int code = 500;
ssize_t bytes;
enable_gzip = 1;
#endif // NETDATA_WITH_ZLIB
- int datasource_type = DATASOURCE_DATATABLE_JSONP;
- //if(strstr(w->response.data->buffer, "X-DataSource-Auth"))
- // datasource_type = DATASOURCE_GOOGLE_JSON;
+ w->mode = WEB_CLIENT_MODE_NORMAL;
- char *buf = (char *)buffer_tostring(w->response.data);
- char *tok = strsep(&buf, " \r\n");
- char *url = NULL;
+ char *tok = (char *)buffer_tostring(w->response.data);
+ char *url = NULL, *encoded_url = NULL;
char *pointer_to_free = NULL; // keep url_decode() allocated buffer
- w->mode = WEB_CLIENT_MODE_NORMAL;
-
- if(buf && strcmp(tok, "GET") == 0) {
- tok = strsep(&buf, " \r\n");
- pointer_to_free = url = url_decode(tok);
- debug(D_WEB_CLIENT, "%llu: Processing HTTP GET on url '%s'.", w->id, url);
- }
- else if(buf && strcmp(tok, "OPTIONS") == 0) {
- tok = strsep(&buf, " \r\n");
- pointer_to_free = url = url_decode(tok);
- debug(D_WEB_CLIENT, "%llu: Processing HTTP OPTIONS on url '%s'.", w->id, url);
+ if(!strncmp(tok, "GET ", 4))
+ encoded_url = &tok[4];
+ else if(!strncmp(tok, "OPTIONS ", 8)) {
+ encoded_url = &tok[8];
w->mode = WEB_CLIENT_MODE_OPTIONS;
}
- else if (buf && strcmp(tok, "POST") == 0) {
- w->keepalive = 0;
- tok = strsep(&buf, " \r\n");
- pointer_to_free = url = url_decode(tok);
- debug(D_WEB_CLIENT, "%llu: I don't know how to handle POST with form data. Assuming it is a GET on url '%s'.", w->id, url);
+
+ if(encoded_url) {
+ pointer_to_free = url = find_url_and_decode_it(encoded_url);
+
+ if(url) debug(D_WEB_CLIENT, "%llu: Processing url '%s'.", w->id, url);
+ else debug(D_WEB_CLIENT, "%llu: Cannot find a valid URL in '%s'", w->id, encoded_url);
}
w->last_url[0] = '\0';
w->last_url[URL_MAX] = '\0';
tok = mystrsep(&url, "/?");
+ if(tok && *tok) {
+ debug(D_WEB_CLIENT, "%llu: Processing command '%s'.", w->id, tok);
- debug(D_WEB_CLIENT, "%llu: Processing command '%s'.", w->id, tok);
-
- if(strcmp(tok, "api") == 0) {
- // the client is requesting api access
- datasource_type = DATASOURCE_JSON;
- code = web_client_api_request(w, url);
- }
-#ifdef NETDATA_INTERNAL_CHECKS
- else if(strcmp(tok, "exit") == 0) {
- netdata_exit = 1;
- code = 200;
- w->response.data->contenttype = CT_TEXT_PLAIN;
- buffer_flush(w->response.data);
- buffer_strcat(w->response.data, "will do");
- }
-#endif
- else if(strcmp(tok, WEB_PATH_DATA) == 0) { // "data"
- // the client is requesting rrd data
- datasource_type = DATASOURCE_JSON;
- code = web_client_data_request(w, url, datasource_type);
- }
- else if(strcmp(tok, WEB_PATH_DATASOURCE) == 0) { // "datasource"
- // the client is requesting google datasource
- code = web_client_data_request(w, url, datasource_type);
- }
- else if(strcmp(tok, WEB_PATH_GRAPH) == 0) { // "graph"
- // the client is requesting an rrd graph
-
- // get the name of the data to show
- tok = mystrsep(&url, "/?&");
- debug(D_WEB_CLIENT, "%llu: Searching for RRD data with name '%s'.", w->id, tok);
-
- // do we have such a data set?
- RRDSET *st = rrdset_find_byname(tok);
- if(!st) st = rrdset_find(tok);
- if(!st) {
- // we don't have it
- // try to send a file with that name
- buffer_flush(w->response.data);
- code = mysendfile(w, tok);
+ if(strcmp(tok, "api") == 0) {
+ // the client is requesting api access
+ code = web_client_api_request(w, url);
}
- else {
+#ifdef NETDATA_INTERNAL_CHECKS
+ else if(strcmp(tok, "exit") == 0) {
code = 200;
- debug(D_WEB_CLIENT_ACCESS, "%llu: Sending %s.json of RRD_STATS...", w->id, st->name);
- w->response.data->contenttype = CT_APPLICATION_JSON;
+ w->response.data->contenttype = CT_TEXT_PLAIN;
buffer_flush(w->response.data);
- rrd_stats_graph_json(st, url, w->response.data);
+
+ if(!netdata_exit)
+ buffer_strcat(w->response.data, "ok, will do...");
+ else
+ buffer_strcat(w->response.data, "I am doing it already");
+
+ netdata_exit = 1;
+ }
+#endif
+ else if(strcmp(tok, WEB_PATH_DATA) == 0) { // "data"
+ // the client is requesting rrd data
+ code = web_client_data_request(w, url, DATASOURCE_JSON);
+ }
+ else if(strcmp(tok, WEB_PATH_DATASOURCE) == 0) { // "datasource"
+ // the client is requesting google datasource
+ code = web_client_data_request(w, url, DATASOURCE_DATATABLE_JSONP);
+ }
+ else if(strcmp(tok, WEB_PATH_GRAPH) == 0) { // "graph"
+ // the client is requesting an rrd graph
+
+ // get the name of the data to show
+ tok = mystrsep(&url, "/?&");
+ if(tok && *tok) {
+ debug(D_WEB_CLIENT, "%llu: Searching for RRD data with name '%s'.", w->id, tok);
+
+ // do we have such a data set?
+ RRDSET *st = rrdset_find_byname(tok);
+ if(!st) st = rrdset_find(tok);
+ if(!st) {
+ // we don't have it
+ // try to send a file with that name
+ buffer_flush(w->response.data);
+ code = mysendfile(w, tok);
+ }
+ else {
+ code = 200;
+ debug(D_WEB_CLIENT_ACCESS, "%llu: Sending %s.json of RRD_STATS...", w->id, st->name);
+ w->response.data->contenttype = CT_APPLICATION_JSON;
+ buffer_flush(w->response.data);
+ rrd_stats_graph_json(st, url, w->response.data);
+ }
+ }
+ else {
+ code = 400;
+ buffer_flush(w->response.data);
+ buffer_strcat(w->response.data, "Graph name?\r\n");
+ }
}
- }
#ifdef NETDATA_INTERNAL_CHECKS
- else if(strcmp(tok, "debug") == 0) {
- buffer_flush(w->response.data);
+ else if(strcmp(tok, "debug") == 0) {
+ buffer_flush(w->response.data);
- // get the name of the data to show
- tok = mystrsep(&url, "/?&");
- debug(D_WEB_CLIENT, "%llu: Searching for RRD data with name '%s'.", w->id, tok);
-
- // do we have such a data set?
- RRDSET *st = rrdset_find_byname(tok);
- if(!st) st = rrdset_find(tok);
- if(!st) {
- code = 404;
- buffer_sprintf(w->response.data, "Chart %s is not found.\r\n", tok);
- debug(D_WEB_CLIENT_ACCESS, "%llu: %s is not found.", w->id, tok);
+ // get the name of the data to show
+ tok = mystrsep(&url, "/?&");
+ if(tok && *tok) {
+ debug(D_WEB_CLIENT, "%llu: Searching for RRD data with name '%s'.", w->id, tok);
+
+ // do we have such a data set?
+ RRDSET *st = rrdset_find_byname(tok);
+ if(!st) st = rrdset_find(tok);
+ if(!st) {
+ code = 404;
+ buffer_sprintf(w->response.data, "Chart %s is not found.\r\n", tok);
+ debug(D_WEB_CLIENT_ACCESS, "%llu: %s is not found.", w->id, tok);
+ }
+ else {
+ code = 200;
+ debug_flags |= D_RRD_STATS;
+ st->debug = st->debug?0:1;
+ buffer_sprintf(w->response.data, "Chart %s has now debug %s.\r\n", tok, st->debug?"enabled":"disabled");
+ debug(D_WEB_CLIENT_ACCESS, "%llu: debug for %s is %s.", w->id, tok, st->debug?"enabled":"disabled");
+ }
+ }
+ else {
+ code = 500;
+ buffer_flush(w->response.data);
+ buffer_strcat(w->response.data, "debug which chart?\r\n");
+ }
}
- else {
+ else if(strcmp(tok, "mirror") == 0) {
code = 200;
- debug_flags |= D_RRD_STATS;
- st->debug = st->debug?0:1;
- buffer_sprintf(w->response.data, "Chart %s has now debug %s.\r\n", tok, st->debug?"enabled":"disabled");
- debug(D_WEB_CLIENT_ACCESS, "%llu: debug for %s is %s.", w->id, tok, st->debug?"enabled":"disabled");
- }
- }
- else if(strcmp(tok, "mirror") == 0) {
- code = 200;
- debug(D_WEB_CLIENT_ACCESS, "%llu: Mirroring...", w->id);
+ debug(D_WEB_CLIENT_ACCESS, "%llu: Mirroring...", w->id);
- // replace the zero bytes with spaces
- buffer_char_replace(w->response.data, '\0', ' ');
+ // replace the zero bytes with spaces
+ buffer_char_replace(w->response.data, '\0', ' ');
- // just leave the buffer as is
- // it will be copied back to the client
- }
+ // just leave the buffer as is
+ // it will be copied back to the client
+ }
#endif
- else if(strcmp(tok, "list") == 0) {
- code = 200;
+ else if(strcmp(tok, "list") == 0) {
+ code = 200;
- debug(D_WEB_CLIENT_ACCESS, "%llu: Sending list of RRD_STATS...", w->id);
+ debug(D_WEB_CLIENT_ACCESS, "%llu: Sending list of RRD_STATS...", w->id);
- buffer_flush(w->response.data);
- RRDSET *st = rrdset_root;
+ buffer_flush(w->response.data);
+ RRDSET *st = rrdset_root;
- for ( ; st ; st = st->next )
- buffer_sprintf(w->response.data, "%s\n", st->name);
- }
- else if(strcmp(tok, "all.json") == 0) {
- code = 200;
- debug(D_WEB_CLIENT_ACCESS, "%llu: Sending JSON list of all monitors of RRD_STATS...", w->id);
+ for ( ; st ; st = st->next )
+ buffer_sprintf(w->response.data, "%s\n", st->name);
+ }
+ else if(strcmp(tok, "all.json") == 0) {
+ code = 200;
+ debug(D_WEB_CLIENT_ACCESS, "%llu: Sending JSON list of all monitors of RRD_STATS...", w->id);
- w->response.data->contenttype = CT_APPLICATION_JSON;
- buffer_flush(w->response.data);
- rrd_stats_all_json(w->response.data);
- }
- else if(strcmp(tok, "netdata.conf") == 0) {
- code = 200;
- debug(D_WEB_CLIENT_ACCESS, "%llu: Sending netdata.conf ...", w->id);
+ w->response.data->contenttype = CT_APPLICATION_JSON;
+ buffer_flush(w->response.data);
+ rrd_stats_all_json(w->response.data);
+ }
+ else if(strcmp(tok, "netdata.conf") == 0) {
+ code = 200;
+ debug(D_WEB_CLIENT_ACCESS, "%llu: Sending netdata.conf ...", w->id);
- w->response.data->contenttype = CT_TEXT_PLAIN;
- buffer_flush(w->response.data);
- generate_config(w->response.data, 0);
+ w->response.data->contenttype = CT_TEXT_PLAIN;
+ buffer_flush(w->response.data);
+ generate_config(w->response.data, 0);
+ }
+ else {
+ char filename[FILENAME_MAX+1];
+ url = filename;
+ strncpy(filename, w->last_url, FILENAME_MAX);
+ filename[FILENAME_MAX] = '\0';
+ tok = mystrsep(&url, "?");
+ buffer_flush(w->response.data);
+ code = mysendfile(w, (tok && *tok)?tok:"/");
+ }
}
else {
char filename[FILENAME_MAX+1];
else {
strcpy(w->last_url, "not a valid response");
- if(buf) debug(D_WEB_CLIENT_ACCESS, "%llu: Cannot understand '%s'.", w->id, buf);
+ debug(D_WEB_CLIENT_ACCESS, "%llu: Cannot understand '%s'.", w->id, w->response.data->buffer);
code = 500;
buffer_flush(w->response.data);
}
// free url_decode() buffer
- if(pointer_to_free) free(pointer_to_free);
+ if(pointer_to_free) {
+ free(pointer_to_free);
+ pointer_to_free = NULL;
+ }
}
else if(w->response.data->len > TOO_BIG_REQUEST) {
strcpy(w->last_url, "too big request");
"HTTP/1.1 %d %s\r\n"
"Connection: %s\r\n"
"Server: NetData Embedded HTTP Server\r\n"
- "Content-Type: %s\r\n"
"Access-Control-Allow-Origin: *\r\n"
- "Access-Control-Allow-Methods: GET, OPTIONS\r\n"
- "Access-Control-Allow-Headers: accept, x-requested-with\r\n"
- "Access-Control-Max-Age: 86400\r\n"
+ "Content-Type: %s\r\n"
"Date: %s\r\n"
, code, code_msg
, w->keepalive?"keep-alive":"close"
, date
);
+ if(w->cookie[0]) {
+ buffer_sprintf(w->response.header_output,
+ "Set-Cookie: %s\r\n",
+ w->cookie);
+ }
+
+ if(w->mode == WEB_CLIENT_MODE_OPTIONS) {
+ buffer_strcat(w->response.header_output,
+ "Access-Control-Allow-Methods: GET, OPTIONS\r\n"
+ "Access-Control-Allow-Credentials: true\r\n"
+ "Access-Control-Allow-Headers: Accept, X-Requested-With, Content-Type, Cookie\r\n"
+ "Access-Control-Max-Age: 1209600\r\n" // 86400 * 14
+ );
+ }
+
if(buffer_strlen(w->response.header))
buffer_strcat(w->response.header_output, buffer_tostring(w->response.header));
"Cache-Control: no-cache\r\n"
, date);
}
- else {
+ else if(w->mode != WEB_CLIENT_MODE_OPTIONS) {
char edate[100];
time_t et = w->response.data->date + (86400 * 14);
struct tm etmbuf, *etm = gmtime_r(&et, &etmbuf);