izuemon commited on
Commit
53c9456
·
verified ·
1 Parent(s): 4ac967c

Update app.py

Browse files
Files changed (1) hide show
  1. app.py +43 -28
app.py CHANGED
@@ -80,29 +80,29 @@ def get_managers():
80
 
81
  return jsonify(res.json().get("managers", []))
82
 
83
- @app.route("/cors-proxy", methods=["GET"])
84
- def corsproxy():
85
- url = request.args.get("url")
86
- if not url:
87
- return "url パラメータが必要です", 400
88
-
89
- if not url.startswith(("http://", "https://")):
90
- return "http または https のURLのみ使用できます", 400
91
-
92
- resp = requests.get(url, headers=request.headers, timeout=60)
93
 
94
- response = Response(resp.content, resp.status_code)
95
- response.headers["Access-Control-Allow-Origin"] = "*"
96
- response.headers["Access-Control-Allow-Headers"] = "*"
97
- response.headers["Access-Control-Allow-Methods"] = "GET, POST, PATCH, OPTIONS"
98
 
99
- if "Content-Type" in resp.headers:
100
- response.headers["Content-Type"] = resp.headers["Content-Type"]
 
 
 
 
101
 
102
- return response
 
 
 
 
 
 
 
 
 
 
 
 
103
 
104
- @app.route("/cors-proxy", methods=["POST", "PATCH"])
105
- def corsproxy_post():
106
  url = request.args.get("url")
107
  if not url:
108
  return "url パラメータが必要です", 400
@@ -110,21 +110,36 @@ def corsproxy_post():
110
  if not url.startswith(("http://", "https://")):
111
  return "http または https のURLのみ使用できます", 400
112
 
 
 
 
 
 
 
 
 
 
113
  resp = requests.request(
114
  method=request.method,
115
  url=url,
116
- headers=request.headers,
117
- data=request.data,
118
- timeout=60,
 
119
  )
120
 
121
- headers = {
122
- "Access-Control-Allow-Origin": "*",
123
- "Access-Control-Allow-Headers": "*",
124
- "Access-Control-Allow-Methods": "GET, POST, PATCH, OPTIONS",
125
- }
126
 
127
- return Response(resp.content, resp.status_code, headers=headers)
 
 
 
 
 
 
 
 
 
128
 
129
  if __name__ == "__main__":
130
  if os.environ.get("WERKZEUG_RUN_MAIN") != "true":
 
80
 
81
  return jsonify(res.json().get("managers", []))
82
 
 
 
 
 
 
 
 
 
 
 
83
 
 
 
 
 
84
 
85
+ FORWARD_HEADERS = {
86
+ "User-Agent",
87
+ "Accept",
88
+ "Content-Type",
89
+ "Authorization",
90
+ }
91
 
92
+ @app.route("/cors-proxy", methods=["GET", "POST", "PATCH", "PUT", "DELETE", "OPTIONS"])
93
+ def cors_proxy():
94
+ # Preflight 対応
95
+ if request.method == "OPTIONS":
96
+ return Response(
97
+ "",
98
+ 204,
99
+ headers={
100
+ "Access-Control-Allow-Origin": "*",
101
+ "Access-Control-Allow-Headers": "*",
102
+ "Access-Control-Allow-Methods": "GET, POST, PATCH, PUT, DELETE, OPTIONS",
103
+ },
104
+ )
105
 
 
 
106
  url = request.args.get("url")
107
  if not url:
108
  return "url パラメータが必要です", 400
 
110
  if not url.startswith(("http://", "https://")):
111
  return "http または https のURLのみ使用できます", 400
112
 
113
+ # 必要なヘッダだけ転送
114
+ headers = {
115
+ k: v for k, v in request.headers.items()
116
+ if k in FORWARD_HEADERS
117
+ }
118
+
119
+ # gzip 問題回避
120
+ headers.pop("Accept-Encoding", None)
121
+
122
  resp = requests.request(
123
  method=request.method,
124
  url=url,
125
+ headers=headers,
126
+ data=request.get_data(),
127
+ params=request.args.to_dict(flat=True),
128
+ timeout=30,
129
  )
130
 
131
+ response = Response(resp.content, resp.status_code)
 
 
 
 
132
 
133
+ # CORS ヘッダ付与
134
+ response.headers["Access-Control-Allow-Origin"] = "*"
135
+ response.headers["Access-Control-Allow-Headers"] = "*"
136
+ response.headers["Access-Control-Allow-Methods"] = "GET, POST, PATCH, PUT, DELETE, OPTIONS"
137
+
138
+ # Content-Type は元のまま
139
+ if "Content-Type" in resp.headers:
140
+ response.headers["Content-Type"] = resp.headers["Content-Type"]
141
+
142
+ return response
143
 
144
  if __name__ == "__main__":
145
  if os.environ.get("WERKZEUG_RUN_MAIN") != "true":