[mythtv-commits] mythtv branch fixes/0.28 updated by bmeek. v0.28-39-g35dce94

Git Repo Owner noreply at mythtv.org
Sun Jun 26 14:31:00 UTC 2016 

The branch, fixes/0.28 has been updated on the
mythtv repository by gitolite user bmeek.
       via  35dce940d84eaedf475f1126d541d5fd3f3b490a (commit)
       via  778ded0a3ff5c24e02bb764c09651501adb96189 (commit)
      from  59808a8c71e2aa0f7654305caa8a224c8487c5ee (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 35dce940d84eaedf475f1126d541d5fd3f3b490a
Author:    Bill Meek <bmeek at mythtv.org> at Fri, 24 Jun 2016 12:47:31 -0500
Committer: Bill Meek <bmeek at mythtv.org> at Sun, 26 Jun 2016 09:11:45 -0500
URL:       http://code.mythtv.org/cgit/mythtv/commit/?id=35dce940d84eaedf475f1126d541d5fd3f3b490a

HTTP Server: Change HOST_NAME_MAX to 1024 for some buildbots
I missed the 2nd place where this was used in my initial commit.

(cherry picked from commit 4453e98283b33aa9e9e90c582ee5ddbaddcb3ebb)



commit 778ded0a3ff5c24e02bb764c09651501adb96189
Author:    Bill Meek <bmeek at mythtv.org> at Fri, 24 Jun 2016 12:04:21 -0500
Committer: Bill Meek <bmeek at mythtv.org> at Sun, 26 Jun 2016 09:11:36 -0500
URL:       http://code.mythtv.org/cgit/mythtv/commit/?id=778ded0a3ff5c24e02bb764c09651501adb96189

HTTP Server: Provide additional CORS support
This commit adds a new AllowedOriginsList setting that
stores a comma separated list of Origins. If the setting
is missing, the list defaults to:

    https://chromecast.mythtv.org
    http://chromecast.mythtvcast.com

Access-Control-Allow -Credentials and -Headers were also
added to the response to support Chromecast.

A TODO item is closed by adding the hostname to
the existing list of IP addresses (no change in
the ports checked.)

Note that previously, if ResponseTypeFile was found, the
CORS header wasn't being added. This caused the Chromecast
feature to fail.

There is no GUI. Clients have the ability to change the value
with the Services API. May need to rethink using settings as
this is a security risk.

For example, it a valid Origin exists in the request, the
following will appear in the response:

    Access-Control-Allow-Origin: https://example.com
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Headers: Content-Type

If there is no match, an existing critical log will fire:

    Cross-origin request received with origin (https://example.net)

Missing http://, https:// or a '*' character in list entries will
be ignored, and the following will be logged:

    Illegal AllowedOriginsList entry '*'. Must start with http[s]:// and not be *

(cherry picked from commit 5292483764357d86f6dc2b155b262c2c072748da)



-----------------------------------------------------------------------

Summary of changes:
 mythtv/libs/libmythupnp/httprequest.cpp |  172 +++++++++++++++++++-----------
 mythtv/libs/libmythupnp/httprequest.h   |   55 +++++-----
 2 files changed, 137 insertions(+), 90 deletions(-)

--

More information about the mythtv-commits mailing list