diff --git a/apps/api_web/lib/api_web/plugs/cors.ex b/apps/api_web/lib/api_web/plugs/cors.ex index fb85de656..15af7a896 100644 --- a/apps/api_web/lib/api_web/plugs/cors.ex +++ b/apps/api_web/lib/api_web/plugs/cors.ex @@ -4,10 +4,11 @@ defmodule ApiWeb.Plugs.CORS do """ import Plug.Conn - import Corsica import Phoenix.Controller, only: [render: 3, put_view: 2] - @default_opts sanitize_opts( + alias Corsica + + @default_opts Corsica.sanitize_opts( origins: "*", allow_methods: :all, allow_headers: [ @@ -21,16 +22,16 @@ defmodule ApiWeb.Plugs.CORS do def init(opts), do: opts def call(%{assigns: assigns} = conn, _) do - if cors_req?(conn) do + if Corsica.cors_req?(conn) do allowed_domains = parse_allowed_domains(assigns.api_user.allowed_domains) opts = %{@default_opts | origins: allowed_domains} cond do - preflight_req?(conn) -> - send_preflight_resp(conn, opts) + Corsica.preflight_req?(conn) -> + Corsica.send_preflight_resp(conn, opts) - allowed_origin?(conn, opts) -> - put_cors_simple_resp_headers(conn, opts) + Corsica.allowed_origin?(conn, opts) -> + Corsica.put_cors_simple_resp_headers(conn, opts) true -> render_400(conn) diff --git a/apps/api_web/mix.exs b/apps/api_web/mix.exs index a2f0cf873..3a829600b 100644 --- a/apps/api_web/mix.exs +++ b/apps/api_web/mix.exs @@ -68,7 +68,7 @@ defmodule ApiWeb.Mixfile do {:bandit, "~> 1.0-pre"}, {:ja_serializer, github: "mbta/ja_serializer", branch: "master"}, {:timex, "~> 3.7"}, - {:corsica, "~> 1.3"}, + {:corsica, "~> 2.1"}, {:state_mediator, in_umbrella: true}, {:health, in_umbrella: true}, {:api_accounts, in_umbrella: true}, diff --git a/mix.lock b/mix.lock index 9895737c7..db91510f5 100644 --- a/mix.lock +++ b/mix.lock @@ -11,7 +11,7 @@ "combine": {:hex, :combine, "0.10.0", "eff8224eeb56498a2af13011d142c5e7997a80c8f5b97c499f84c841032e429f", [:mix], [], "hexpm", "1b1dbc1790073076580d0d1d64e42eae2366583e7aecd455d1215b0d16f2451b"}, "comeonin": {:hex, :comeonin, "5.5.1", "5113e5f3800799787de08a6e0db307133850e635d34e9fab23c70b6501669510", [:mix], [], "hexpm", "65aac8f19938145377cee73973f192c5645873dcf550a8a6b18187d17c13ccdb"}, "connection": {:hex, :connection, "1.1.0", "ff2a49c4b75b6fb3e674bfc5536451607270aac754ffd1bdfe175abe4a6d7a68", [:mix], [], "hexpm", "722c1eb0a418fbe91ba7bd59a47e28008a189d47e37e0e7bb85585a016b2869c"}, - "corsica": {:hex, :corsica, "1.3.0", "bbec02ccbeca1fdf44ee23b25a8ae32f7c6c28fc127ef8836dd8420e8f65bd9b", [:mix], [{:plug, "~> 1.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "8847ec817554047e9aa6d9933539cacb10c4ee60b58e0c15c3b380c5b737b35f"}, + "corsica": {:hex, :corsica, "2.1.3", "dccd094ffce38178acead9ae743180cdaffa388f35f0461ba1e8151d32e190e6", [:mix], [{:plug, "~> 1.0", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4.0 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "616c08f61a345780c2cf662ff226816f04d8868e12054e68963e95285b5be8bc"}, "credo": {:hex, :credo, "1.7.13", "126a0697df6b7b71cd18c81bc92335297839a806b6f62b61d417500d1070ff4e", [:mix], [{:bunt, "~> 0.2.1 or ~> 1.0", [hex: :bunt, repo: "hexpm", optional: false]}, {:file_system, "~> 0.2 or ~> 1.0", [hex: :file_system, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}], "hexpm", "47641e6d2bbff1e241e87695b29f617f1a8f912adea34296fb10ecc3d7e9e84f"}, "decimal": {:hex, :decimal, "2.3.0", "3ad6255aa77b4a3c4f818171b12d237500e63525c2fd056699967a3e7ea20f62", [:mix], [], "hexpm", "a4d66355cb29cb47c3cf30e71329e58361cfcb37c34235ef3bf1d7bf3773aeac"}, "dialyxir": {:hex, :dialyxir, "1.4.6", "7cca478334bf8307e968664343cbdb432ee95b4b68a9cba95bdabb0ad5bdfd9a", [:mix], [{:erlex, ">= 0.2.7", [hex: :erlex, repo: "hexpm", optional: false]}], "hexpm", "8cf5615c5cd4c2da6c501faae642839c8405b49f8aa057ad4ae401cb808ef64d"},