search

lwcolton / falcon-cors

CORS support for Falcon: http://falconframework.org
Apache License 2.0
74 stars 15 forks source link

Convert requested headers to lowercase before validation #5

Closed eshlox closed 6 years ago

eshlox commented 6 years ago

It looks like Edge browser sends all headers in camel case (or in the same form as client sends them to the API, I didn't test this option). When client sends Content-Type header it works differently for Edge and other browsers. Edge sends Content-Type, other browsers sends content-type. All headers from allow_headers_list are changed to lowercase so if Edge sends Content-Type then _process_allow_headers method returns False. In my case I can't use API on Edge (it works on IE).

The idea is to change header to lowercase only to check if it exists in self._cors_config['allow_headers_list'] and return not modified header.

lwcolton commented 6 years ago

:+1:

lwcolton commented 6 years ago

@eshlox https://pypi.python.org/pypi/falcon-cors/1.1.3