From c9ca24e99de165bc82d4a2ec4812cf754d650048 Mon Sep 17 00:00:00 2001 From: Nicolas Setton Date: Tue, 10 Oct 2017 15:53:04 -0400 Subject: [PATCH] Use Django directly to set the Allow-Access-Control-Origin Since the cors plugin seems to only set it when an origin header is passed to the request, which Chrome does not do. --- compile_server/app/checker.py | 41 ++++++++++++++++------------ compile_server/app/static/editors.js | 6 +++- compile_server/app/views.py | 13 +++++++-- 3 files changed, 38 insertions(+), 22 deletions(-) diff --git a/compile_server/app/checker.py b/compile_server/app/checker.py index 0918a1d..988ecbc 100644 --- a/compile_server/app/checker.py +++ b/compile_server/app/checker.py @@ -14,6 +14,7 @@ from rest_framework.decorators import api_view from compile_server.app.models import Resource, Example from compile_server.app import process_handling +from compile_server.app.views import CrossDomainResponse gnatprove_found = False gnatemulator_found = False @@ -62,16 +63,16 @@ def check_output(request): returncode = p.poll() if returncode is None: # The program is still running: transmit the current lines - return Response({'output_lines': lines, - 'status': 0, - 'completed': False, - 'message': "running"}) + return CrossDomainResponse({'output_lines': lines, + 'status': 0, + 'completed': False, + 'message': "running"}) else: - return Response({'output_lines': lines, - 'status': returncode, - 'completed': True, - 'message': "completed"}) + return CrossDomainResponse({'output_lines': lines, + 'status': returncode, + 'completed': True, + 'message': "completed"}) def get_example(received_json): @@ -111,12 +112,14 @@ def check_program(request): # Sanity check for the existence of gnatprove if not check_gnatprove(): - return Response({'identifier': '', 'message': "gnatprove not found"}) + return CrossDomainResponse( + {'identifier': '', 'message': "gnatprove not found"}) received_json = json.loads(request.body) e = get_example(received_json) if not e: - return Response({'identifier': '', 'message': "example not found"}) + return CrossDomainResponse( + {'identifier': '', 'message': "example not found"}) tempd = prep_example_directory(e, received_json) @@ -134,7 +137,7 @@ def check_program(request): result = {'identifier': os.path.basename(tempd), 'message': message} - return Response(result) + return CrossDomainResponse(result) @api_view(['POST']) @@ -143,7 +146,7 @@ def run_program(request): # Security check if not ALLOW_RUNNING_PROGRAMS_EVEN_THOUGH_IT_IS_NOT_SECURE: - return Response( + return CrossDomainResponse( {'identifier': '', 'message': "running programs is disabled on this server"} ) @@ -151,20 +154,22 @@ def run_program(request): # Sanity check for the existence of gnatprove if not check_gnatemulator(): - return Response({'identifier': '', - 'message': "gnatemulator not found"}) + return CrossDomainResponse({'identifier': '', + 'message': "gnatemulator not found"}) received_json = json.loads(request.body) e = get_example(received_json) received_json = json.loads(request.body) if not e.main: - return Response({'identifier': '', - 'message': "example does not have a main"}) + return CrossDomainResponse( + {'identifier': '', + 'message': "example does not have a main"}) tempd = prep_example_directory(e, received_json) if not tempd: - return Response({'identifier': '', 'message': "example not found"}) + return CrossDomainResponse( + {'identifier': '', 'message': "example not found"}) # Run the command(s) to check the program commands = [ @@ -183,4 +188,4 @@ def run_program(request): result = {'identifier': os.path.basename(tempd), 'message': message} - return Response(result) + return CrossDomainResponse(result) diff --git a/compile_server/app/static/editors.js b/compile_server/app/static/editors.js index a748d1c..bd482f5 100644 --- a/compile_server/app/static/editors.js +++ b/compile_server/app/static/editors.js @@ -160,7 +160,11 @@ function fill_editor(container, example_name, example_server) { url: container.example_server + "/example/" + example_name, data: {}, type: "GET", - dataType : "json", + // dataType : "json", + contentType: 'text/plain', + crossDomain: true, +// headers: { "Origin": "http://www.adacore.com" } + }) .done(function( json ) { // On success, create editors for each of the resources diff --git a/compile_server/app/views.py b/compile_server/app/views.py index b355974..ea8c382 100644 --- a/compile_server/app/views.py +++ b/compile_server/app/views.py @@ -41,6 +41,13 @@ class ResourceSet(viewsets.ModelViewSet): serializer_class = ResourceSerializer +def CrossDomainResponse(data=None): + """Return a response which accepts cross-domain queries""" + r = Response(data) + r["Access-Control-Allow-Origin"] = "*" + return r + + @api_view(['GET']) def examples(request): """Return a list of example names and their description""" @@ -49,7 +56,7 @@ def examples(request): for e in examples: results.append({'name': e.name, 'description': e.description}) - return Response(results) + return CrossDomainResponse(results) @api_view(['GET']) @@ -57,7 +64,7 @@ def example(request, name): # TODO: create an example serializer matches = Example.objects.filter(name=name) if not matches: - return Response() + return CrossDomainResponse() e = matches[0] resources = [] @@ -69,7 +76,7 @@ def example(request, name): 'description': e.description, 'main': e.main, 'resources': resources} - return Response(result) + return CrossDomainResponse(result) def code_page(request, example_name):