src/blackd/middlewares.py - third_party/github.com/psf/black - Git at Google

 from collections.abc import Awaitable, Callable, Collection, Iterable

 from aiohttp import web
 from aiohttp.typedefs import Middleware
 from aiohttp.web_middlewares import middleware
 from aiohttp.web_request import Request
 from aiohttp.web_response import StreamResponse

 Handler = Callable[[Request], Awaitable[StreamResponse]]


 def cors(
     *,
     allow_headers: Iterable[str],
     allow_origins: Collection[str],
     expose_headers: Iterable[str],
 ) -> Middleware:
     @middleware
     async def impl(request: Request, handler: Handler) -> StreamResponse:
         origin = request.headers.get("Origin")
         if not origin:
             return await handler(request)

         if origin not in allow_origins:
             return web.Response(status=403, text="CORS origin is not allowed")

         is_options = request.method == "OPTIONS"
         is_preflight = is_options and "Access-Control-Request-Method" in request.headers
         if is_preflight:
             resp = StreamResponse()
         else:
             resp = await handler(request)

         resp.headers["Access-Control-Allow-Origin"] = origin
         if expose_headers:
             resp.headers["Access-Control-Expose-Headers"] = ", ".join(expose_headers)
         if is_options:
             resp.headers["Access-Control-Allow-Headers"] = ", ".join(allow_headers)
             resp.headers["Access-Control-Allow-Methods"] = ", ".join(
                 ("OPTIONS", "POST")
             )

         return resp

     return impl
	from collections.abc import Awaitable, Callable, Collection, Iterable

	from aiohttp import web
	from aiohttp.typedefs import Middleware
	from aiohttp.web_middlewares import middleware
	from aiohttp.web_request import Request
	from aiohttp.web_response import StreamResponse

	Handler = Callable[[Request], Awaitable[StreamResponse]]


	def cors(
	*,
	allow_headers: Iterable[str],
	allow_origins: Collection[str],
	expose_headers: Iterable[str],
	) -> Middleware:
	@middleware
	async def impl(request: Request, handler: Handler) -> StreamResponse:
	origin = request.headers.get("Origin")
	if not origin:
	return await handler(request)

	if origin not in allow_origins:
	return web.Response(status=403, text="CORS origin is not allowed")

	is_options = request.method == "OPTIONS"
	is_preflight = is_options and "Access-Control-Request-Method" in request.headers
	if is_preflight:
	resp = StreamResponse()
	else:
	resp = await handler(request)

	resp.headers["Access-Control-Allow-Origin"] = origin
	if expose_headers:
	resp.headers["Access-Control-Expose-Headers"] = ", ".join(expose_headers)
	if is_options:
	resp.headers["Access-Control-Allow-Headers"] = ", ".join(allow_headers)
	resp.headers["Access-Control-Allow-Methods"] = ", ".join(
	("OPTIONS", "POST")
	)

	return resp

	return impl