view mod_http_debug/mod_http_debug.lua @ 5548:fd3c12c40cd9

mod_http_oauth2: Disable CORS for authorization endpoint Per recommendation in draft-ietf-oauth-security-topics-23 Hopefully it is enough to return an error status, since mod_http will add CORS headers from a handler with higher priority, even for OPTIONS.
author Kim Alvefur <zash@zash.se>
date Fri, 16 Jun 2023 00:05:57 +0200
parents b6af4d1ff8c1
children
line wrap: on
line source

local json = require "util.json"

module:depends("http")
local function handle_request(event)
	local request = event.request;
	(request.log or module._log)("debug", "%s -- %s %q HTTP/%s -- %q -- %s", request.ip, request.method, request.url, request.httpversion, request.headers, request.body);
	return {
		status_code = 200;
		headers = { content_type = "application/json" };
		host = module.host;
		body = json.encode {
			body = request.body;
			headers = request.headers;
			httpversion = request.httpversion;
			id = request.id;
			ip = request.ip;
			method = request.method;
			path = request.path;
			secure = request.secure;
			url = request.url;
		};
	}
end

local methods = module:get_option_set("http_debug_methods", { "GET"; "HEAD"; "DELETE"; "OPTIONS"; "PATCH"; "POST"; "PUT" });
local route = {};
for method in methods do
	route[method] = handle_request;
	route[method .. " /*"] = handle_request;
end

module:provides("http", {
	route = route;
})