diff --git a/slow/slow.py b/slow/slow.py index 88e9c53..2b670a4 100644 --- a/slow/slow.py +++ b/slow/slow.py @@ -204,20 +204,44 @@ class App: content_length = int(headers.get("Content-Length", 0)) body = await reader.read(content_length) if content_length else b"" - route, kwargs = self.resolve(path, method) + if method == "OPTIONS": + if "origin" in headers and headers.get("origin") in self.CORS.Origins: + origin = headers.get("origin") + response = "HTTP/1.1 200 OK\r\n" + response += "Content-Type: text/plain\r\n" + response += "Content-Length: 0\r\n" + response += f"Access-Control-Allow-Origin: {origin}\r\n" + response += f"Access-Control-Allow-Methods: {','.join(self.CORS.Methods)}\r\n" + response += "Access-Control-Allow-Headers: Content-Type,Authorization\r\n" # CORS + response += "Vary: Origin\r\n" + response += "\r\n" - response = await route( - request=Request( - method=method, - path=path, - headers=headers, - body=body, - ), - **kwargs, - ) - writer.write(response) + writer.write(response.encode(encoding="utf-8")) - await writer.drain() + await writer.drain() + + else: + response = "HTTP/1.1 403 Forbidden\r\n" + response += "Content-Length: 0\r\n" + response += "Vary: Origin\r\n" + response += "\r\n" + + writer.write(response.encode(encoding="utf-8")) + + await writer.drain() + + else: + route, kwargs = self.resolve(path, method) + + response = await route( + request=Request( + method=method, path=path, headers=headers, body=body, app=self + ), + **kwargs, + ) + writer.write(response) + + await writer.drain() except Exception as e: print(f"Internal Server Error: {e}") finally: