| def main(request, response): | |
| headers = [(b"X-Request-Method", request.method), | |
| (b"X-Request-Content-Length", request.headers.get(b"Content-Length", b"NO")), | |
| (b"X-Request-Content-Type", request.headers.get(b"Content-Type", b"NO")), | |
| (b"Access-Control-Allow-Credentials", b"true"), | |
| # Avoid any kind of content sniffing on the response. | |
| (b"Content-Type", b"text/plain")] | |
| origin = request.GET.first(b"origin", request.headers.get(b"origin")) | |
| if origin != None: | |
| headers.append((b"Access-Control-Allow-Origin", origin)) | |
| request_headers = request.GET.first(b"origin", request.headers.get(b"access-control-request-headers")) | |
| if request_headers != None: | |
| headers.append((b"Access-Control-Allow-Headers", request_headers)) | |
| request_method = request.GET.first(b"origin", request.headers.get(b"access-control-request-method")) | |
| if request_method != None: | |
| headers.append((b"Access-Control-Allow-Methods", b"OPTIONS, " + request_method)) | |
| content = request.body | |
| return headers, content |