summaryrefslogtreecommitdiffstats
path: root/lib/public/appframework/controller.php
diff options
context:
space:
mode:
authorBernhard Posselt <dev@bernhard-posselt.com>2014-05-08 11:47:18 +0200
committerBernhard Posselt <dev@bernhard-posselt.com>2014-05-09 23:34:41 +0200
commit9a4d204b55da063631f01a780d32b3fd88c729cd (patch)
tree63d4905af6945ef4c0a8f350a3d85ed8d9d0e391 /lib/public/appframework/controller.php
parentaf2b7634eeb8c3bd8ec5dec8b600fbaf8ae5d498 (diff)
downloadnextcloud-server-9a4d204b55da063631f01a780d32b3fd88c729cd.tar.gz
nextcloud-server-9a4d204b55da063631f01a780d32b3fd88c729cd.zip
add cors middleware
remove methodannotationreader namespace fix namespace for server container fix tests fail if with cors credentials header is set to true, implement a reusable preflighted cors method in the controller baseclass, make corsmiddleware private and register it for every request remove uneeded local in cors middleware registratio dont uppercase cors to easily use it from routes fix indention comment fixes explicitely set allow credentials header to false dont depend on better controllers PR, fix that stuff later split cors methods to be in a seperate controller for exposing apis remove protected definitions from apicontroller since controller has it
Diffstat (limited to 'lib/public/appframework/controller.php')
-rw-r--r--lib/public/appframework/controller.php13
1 files changed, 11 insertions, 2 deletions
diff --git a/lib/public/appframework/controller.php b/lib/public/appframework/controller.php
index 758f0a80083..f42eba172c7 100644
--- a/lib/public/appframework/controller.php
+++ b/lib/public/appframework/controller.php
@@ -28,7 +28,6 @@
namespace OCP\AppFramework;
use OCP\AppFramework\Http\TemplateResponse;
-use OCP\AppFramework\IAppContainer;
use OCP\IRequest;
@@ -49,12 +48,22 @@ abstract class Controller {
*/
protected $request;
+
/**
* constructor of the controller
* @param string $appName the name of the app
* @param IRequest $request an instance of the request
+ * @param string $corsMethods: comma seperated string of HTTP verbs which
+ * should be allowed for websites or webapps when calling your API, defaults to
+ * 'PUT, POST, GET, DELETE, PATCH'
+ * @param string $corsAllowedHeaders: comma seperated string of HTTP headers
+ * which should be allowed for websites or webapps when calling your API,
+ * defaults to 'Authorization, Content-Type, Accept'
+ * @param int $corsMaxAge number in seconds how long a preflighted OPTIONS
+ * request should be cached, defaults to 1728000 seconds
*/
- public function __construct($appName, IRequest $request){
+ public function __construct($appName,
+ IRequest $request){
$this->appName = $appName;
$this->request = $request;
}