Class: Braintrust::Server::Middleware::Cors

Inherits:

Object

• Object
• Braintrust::Server::Middleware::Cors

Defined in:

lib/braintrust/server/middleware/cors.rb

Overview

CORS middleware allowing requests from *.braintrust.dev origins. Handles preflight OPTIONS requests and adds CORS headers to all responses.

Constant Summary

ALLOWED_ORIGIN_PATTERN =

/\Ahttps?:\/\/([\w-]+\.)*braintrust\.dev\z/

HEADER_ALLOW_ORIGIN =

"access-control-allow-origin"

HEADER_ALLOW_CREDENTIALS =

"access-control-allow-credentials"

HEADER_ALLOW_METHODS =

"access-control-allow-methods"

HEADER_ALLOW_HEADERS =

"access-control-allow-headers"

HEADER_MAX_AGE =

"access-control-max-age"

HEADER_ALLOW_PRIVATE_NETWORK =

"access-control-allow-private-network"

HEADER_EXPOSE_HEADERS =

"access-control-expose-headers"

EXPOSED_HEADERS =

"x-bt-cursor, x-bt-found-existing-experiment, x-bt-span-id, x-bt-span-export"

ALLOWED_HEADERS =

%w[
  content-type
  authorization
  x-amz-date
  x-api-key
  x-amz-security-token
  x-bt-auth-token
  x-bt-parent
  x-bt-org-name
  x-bt-project-id
  x-bt-stream-fmt
  x-bt-use-cache
  x-bt-use-gateway
  x-stainless-os
  x-stainless-lang
  x-stainless-package-version
  x-stainless-runtime
  x-stainless-runtime-version
  x-stainless-arch
].freeze

Instance Method Summary

• #call(env) ⇒ Object
• #initialize(app) ⇒ Cors constructor

  A new instance of Cors.

Constructor Details

#initialize(app) ⇒ Cors

Returns a new instance of Cors.

# File 'lib/braintrust/server/middleware/cors.rb', line 41

def initialize(app)
  @app = app
end

Instance Method Details

#call(env) ⇒ Object

# File 'lib/braintrust/server/middleware/cors.rb', line 45

def call(env)
  origin = env["HTTP_ORIGIN"]

  if env["REQUEST_METHOD"] == "OPTIONS"
    return handle_preflight(env, origin)
  end

  status, headers, body = @app.call(env)
  add_cors_headers(headers, origin)
  [status, headers, body]
end