Teknikode
/
Teknik
Watch 3
Star 18
Fork 4
Code Issues 39 Pull Requests 0 Releases 3 Wiki Activity
The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
768 Commits
2 Branches
Tree: c701493859
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c701493859'
${ noResults }
Teknik/IdentityServer/Middleware/CORSMiddleware.cs

CORSMiddleware.cs 2.4KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. using System;

  2. using System.Collections.Generic;

  3. using System.Linq;

  4. using System.Threading.Tasks;

  5. using Microsoft.AspNetCore.Builder;

  6. using Microsoft.AspNetCore.Http;

  7. using Teknik.Configuration;

  8. using Teknik.Utilities;

  9. 

  10. namespace Teknik.IdentityServer.Middleware

  11. {

  12.     // You may need to install the Microsoft.AspNetCore.Http.Abstractions package into your project

  13.     public class CORSMiddleware

  14.     {

  15.         private readonly RequestDelegate _next;

  16. 

  17.         public CORSMiddleware(RequestDelegate next)

  18.         {

  19.             _next = next;

  20.         }

  21. 

  22.         public Task InvokeAsync(HttpContext httpContext, Config config)

  23.         {

  24.             // Allow this domain, or everything if local

  25.             string origin = (httpContext.Request.IsLocal()) ? "*" : httpContext.Request.Headers["Origin"].ToString();

  26. 

  27.             // Is the referrer set to the CDN and we are using a CDN?

  28.             if (config.UseCdn && !string.IsNullOrEmpty(config.CdnHost))

  29.             {

  30.                 try

  31.                 {

  32.                     string host = httpContext.Request.Headers["Host"];

  33.                     Uri uri = new Uri(config.CdnHost);

  34.                     if (host == uri.Host)

  35.                         origin = host;

  36.                 }

  37.                 catch { }

  38.             }

  39. 

  40.             string domain = (string.IsNullOrEmpty(origin)) ? string.Empty : origin.GetDomain();

  41. 

  42.             if (string.IsNullOrEmpty(origin))

  43.             {

  44.                 string host = httpContext.Request.Headers["Host"];

  45.                 string sub = host.GetSubdomain();

  46.                 origin = (string.IsNullOrEmpty(sub)) ? config.Host : sub + "." + config.Host;

  47.             }

  48.             else

  49.             {

  50.                 if (domain != config.Host)

  51.                 {

  52.                     string sub = origin.GetSubdomain();

  53.                     origin = (string.IsNullOrEmpty(sub)) ? config.Host : sub + "." + config.Host;

  54.                 }

  55.             }

  56. 

  57.             httpContext.Response.Headers.Append("Access-Control-Allow-Origin", origin);

  58.             httpContext.Response.Headers.Append("Vary", "Origin");

  59. 

  60.             return _next(httpContext);

  61.         }

  62.     }

  63. 

  64.     // Extension method used to add the middleware to the HTTP request pipeline.

  65.     public static class CORSMiddlewareExtensions

  66.     {

  67.         public static IApplicationBuilder UseCORS(this IApplicationBuilder builder)

  68.         {

  69.             return builder.UseMiddleware<CORSMiddleware>();

  70.         }

  71.     }

  72. }