axelpale · August 5, 2012 10:01
diff --git a/django-crossdomainxhr-middleware.py b/django-crossdomainxhr-middleware.py
 # -*- coding: utf-8 -*-

 # Source:
 # https://gist.github.com/3263576

 import re
 from django.utils.text import compress_string
 from django.utils.cache import patch_vary_headers
 from django import http
 import settings

 # How to default:
 # http://www.codekoala.com/blog/2009/custom-django-settings-and-default-values/
 CROSS_DOMAIN_XHR_ALLOWED_ORIGINS = getattr(
   settings, 'CROSS_DOMAIN_XHR_ALLOWED_ORIGINS', '*')
 CROSS_DOMAIN_XHR_ALLOWED_METHODS = getattr(
   settings, 'CROSS_DOMAIN_XHR_ALLOWED_METHODS',
   ['POST', 'GET', 'OPTIONS', 'PUT', 'DELETE'])

 class CrossDomainXhrMiddleware(object):
   """
   This middleware allows cross-domain XHR using the html5 postMessage API.

   Access-Control-Allow-Origin: http://foo.example
   Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
   """
   def process_request(self, request):

      if 'HTTP_ACCESS_CONTROL_REQUEST_METHOD' in request.META:
         response = http.HttpResponse()
         response['Access-Control-Allow-Origin'] = CROSS_DOMAIN_XHR_ALLOWED_ORIGINS
         response['Access-Control-Allow-Methods'] = ",".join(CROSS_DOMAIN_XHR_ALLOWED_METHODS)

         return response
      return None

   def process_response(self, request, response):
      # Avoid unnecessary work
      if response.has_header('Access-Control-Allow-Origin'):
         return response

      response['Access-Control-Allow-Origin'] = CROSS_DOMAIN_XHR_ALLOWED_ORIGINS
      response['Access-Control-Allow-Methods'] = ",".join(CROSS_DOMAIN_XHR_ALLOWED_METHODS)

      return response
	# -- coding: utf-8 --

	# Source:
	# https://gist.github.com/3263576

	import re
	from django.utils.text import compress_string
	from django.utils.cache import patch_vary_headers
	from django import http
	import settings

	# How to default:
	# http://www.codekoala.com/blog/2009/custom-django-settings-and-default-values/
	CROSS_DOMAIN_XHR_ALLOWED_ORIGINS = getattr(
	settings, 'CROSS_DOMAIN_XHR_ALLOWED_ORIGINS', '*')
	CROSS_DOMAIN_XHR_ALLOWED_METHODS = getattr(
	settings, 'CROSS_DOMAIN_XHR_ALLOWED_METHODS',
	['POST', 'GET', 'OPTIONS', 'PUT', 'DELETE'])

	class CrossDomainXhrMiddleware(object):
	"""
	This middleware allows cross-domain XHR using the html5 postMessage API.

	Access-Control-Allow-Origin: http://foo.example
	Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
	"""
	def process_request(self, request):

	if 'HTTP_ACCESS_CONTROL_REQUEST_METHOD' in request.META:
	response = http.HttpResponse()
	response['Access-Control-Allow-Origin'] = CROSS_DOMAIN_XHR_ALLOWED_ORIGINS
	response['Access-Control-Allow-Methods'] = ",".join(CROSS_DOMAIN_XHR_ALLOWED_METHODS)

	return response
	return None

	def process_response(self, request, response):
	# Avoid unnecessary work
	if response.has_header('Access-Control-Allow-Origin'):
	return response

	response['Access-Control-Allow-Origin'] = CROSS_DOMAIN_XHR_ALLOWED_ORIGINS
	response['Access-Control-Allow-Methods'] = ",".join(CROSS_DOMAIN_XHR_ALLOWED_METHODS)

	return response