X-Git-Url: http://git.indexdata.com/?p=mkws-moved-to-github.git;a=blobdiff_plain;f=tools%2Fmod_perl%2FMyApache2%2FSetACAO.pm;fp=tools%2Fmod_perl%2FMyApache2%2FSetACAO.pm;h=66334fc0c2acde11d775af234d55d30587941796;hp=0000000000000000000000000000000000000000;hb=641e2f9f931b5440ce86af8f5d67df296a21192c;hpb=91f73c93cb0f226e251db72219b67ed416c1f639

diff --git a/tools/mod_perl/MyApache2/SetACAO.pm b/tools/mod_perl/MyApache2/SetACAO.pm
new file mode 100644
index 0000000..66334fc
--- /dev/null
+++ b/tools/mod_perl/MyApache2/SetACAO.pm
@@ -0,0 +1,30 @@
+package MyApache2::SetACAO;
+
+use Apache2::Filter ();
+use Apache2::RequestRec ();
+use APR::Table ();
+
+use Apache2::Const -compile => qw(OK);
+
+use constant BUFF_LEN => 1024;
+
+sub handler {
+    my $f = shift;
+
+    # If the client generated an Origin header, echo its content back
+    # in an ACAO header. This is better than just using *, since it
+    # doesnt prevent credentials from being accepted.
+    my $origin = $f->r->headers_in->get('Origin');
+    if (defined $origin && $origin ne "") {
+	$f->r->headers_out->set('Access-Control-Allow-Origin', $origin);
+	warn "MyApache2::SetACAO copied Origin '$origin' to ACAO";
+    }
+
+    while ($f->read(my $buffer, BUFF_LEN)) {
+	$f->print($buffer);
+    }
+
+    return Apache2::Const::OK;
+}
+
+1;