X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=cgi.c;h=fd72ee5e919649d954a762b2ff26a19b91954caa;hp=226017602f61c7531c62eb5e7967f83fd0b0a7b8;hb=1b75ea3893fc2f08701bb5c60bc092bb1532164c;hpb=9b1a4d7e6645b3e2987f67fe3d4d22ae617457f7 diff --git a/cgi.c b/cgi.c index 22601760..fd72ee5e 100644 --- a/cgi.c +++ b/cgi.c @@ -8,7 +8,7 @@ * actual handler functions are declared elsewhere. * * Copyright : Written by and Copyright (C) 2001-2017 - * members of the Privoxy team. http://www.privoxy.org/ + * members of the Privoxy team. https://www.privoxy.org/ * * Based on the Internet Junkbuster originally written * by and Copyright (C) 1997 Anonymous Coders and @@ -978,6 +978,9 @@ struct http_response *error_response(struct client_state *csp, case SOCKS_5T: socks_type = "socks5t-"; break; + case FORWARD_WEBSERVER: + socks_type = "webserver-"; + break; default: log_error(LOG_LEVEL_FATAL, "Unknown socks type: %d.", fwd->type); } @@ -1585,12 +1588,24 @@ struct http_response *finish_http_response(struct client_state *csp, struct http return rsp; } + /* + * Add "Cross-origin resource sharing" (CORS) headers if enabled + */ + if (NULL != csp->config->cors_allowed_origin) + { + enlist_unique_header(rsp->headers, "Access-Control-Allow-Origin", + csp->config->cors_allowed_origin); + enlist_unique_header(rsp->headers, "Access-Control-Allow-Methods", "GET,POST"); + enlist_unique_header(rsp->headers, "Access-Control-Allow-Headers", "X-Requested-With"); + enlist_unique_header(rsp->headers, "Access-Control-Max-Age", "86400"); + } + /* * Fill in the HTTP Status, using HTTP/1.1 * unless the client asked for HTTP/1.0. */ snprintf(buf, sizeof(buf), "%s %s", - strcmpic(csp->http->ver, "HTTP/1.0") ? "HTTP/1.1" : "HTTP/1.0", + strcmpic(csp->http->version, "HTTP/1.0") ? "HTTP/1.1" : "HTTP/1.0", rsp->status ? rsp->status : "200 OK"); err = enlist_first(rsp->headers, buf);