From a6f4bfac83c5b6507dfbea80646ac48dd3b24d0c Mon Sep 17 00:00:00 2001
From: Marijn van Butselaar <marijn@vanbutselaar.nl>
Date: Fri, 22 Apr 2016 15:18:00 +0200
Subject: [PATCH] Add support for configurable Access-Control-Allow-Methods.

---
 background.js | 7 +++++--
 popup.css     | 4 ++--
 popup.html    | 4 ++++
 popup.js      | 8 +++++++-
 4 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/background.js b/background.js
index 0120efe..519fb88 100644
--- a/background.js
+++ b/background.js
@@ -1,4 +1,5 @@
 var accessControlRequestHeaders;
+var allowedMethods;
 var exposedHeaders;
 
 var requestListener = function(details){
@@ -53,7 +54,7 @@ var responseListener = function(details){
 		details.responseHeaders.push({"name": "Access-Control-Expose-Headers", "value": exposedHeaders});
 	}
 
-	details.responseHeaders.push({"name": "Access-Control-Allow-Methods", "value": "GET, PUT, POST, DELETE, HEAD, OPTIONS"});
+	details.responseHeaders.push({"name": "Access-Control-Allow-Methods", "value": allowedMethods});
 
 	return {responseHeaders: details.responseHeaders};
 	
@@ -63,14 +64,16 @@ var responseListener = function(details){
 chrome.runtime.onInstalled.addListener(function(){
 	chrome.storage.local.set({'active': false});
 	chrome.storage.local.set({'urls': ["<all_urls>"]});
+	chrome.storage.local.set({'allowedMethods': 'GET, PUT, POST, DELETE, HEAD, OPTIONS'});
 	chrome.storage.local.set({'exposedHeaders': ''});
 	reload();
 });
 
 /*Reload settings*/
 function reload() {
-	chrome.storage.local.get({'active': false, 'urls': ["<all_urls>"], 'exposedHeaders': ''}, function(result) {
+	chrome.storage.local.get({'active': false, 'urls': ["<all_urls>"], 'allowedMethods': 'GET, PUT, POST, DELETE, HEAD, OPTIONS', 'exposedHeaders': ''}, function(result) {
 
+		allowedMethods = result.allowedMethods;
 		exposedHeaders = result.exposedHeaders;
 
 		/*Remove Listeners*/
diff --git a/popup.css b/popup.css
index 2d29b3e..4caa224 100644
--- a/popup.css
+++ b/popup.css
@@ -1,12 +1,12 @@
 html {
 	width: 400px;
-	min-height: 394px;
+	min-height: 444px;
 }
 
 .has-header {
 	position: relative;
 	top: 44px !important;
-	height: 350px;
+	height: 400px;
 	overflow-x: hidden;
 	overflow-y: auto;
 
diff --git a/popup.html b/popup.html
index 42a35c7..460db95 100644
--- a/popup.html
+++ b/popup.html
@@ -14,6 +14,10 @@ <h1 class="title">Settings</h1>
 		<div class="has-header">
 			<div class="list">
 				<ion-toggle ng-model="active" toggle-class="toggle-calm">Enable cross-origin resource sharing</ion-toggle>
+				<div class="item item-divider">
+					Access-Control-Allow-Methods
+				</div>
+				<text-option option="allowedMethods" placeholder="comma-separated list of methods ..."></text-option>
 				<div class="item item-divider">
 					Access-Control-Expose-Headers
 				</div>
diff --git a/popup.js b/popup.js
index b48b75d..bfd05d9 100644
--- a/popup.js
+++ b/popup.js
@@ -7,9 +7,10 @@ app.controller('PopupCtrl', ['$scope', function($scope) {
 	$scope.url = '';
 	$scope.exposedHeaders = '';
 
-	chrome.storage.local.get({'active': false, 'urls': [], 'exposedHeaders': ''}, function(result) {
+	chrome.storage.local.get({'active': false, 'urls': [], 'allowedMethods': 'GET, PUT, POST, DELETE, HEAD, OPTIONS', 'exposedHeaders': ''}, function(result) {
 		$scope.active = result.active;
 		$scope.urls = result.urls;
+		$scope.allowedMethods = result.allowedMethods;
 		$scope.exposedHeaders = result.exposedHeaders;
 		$scope.$apply();
 
@@ -18,6 +19,11 @@ app.controller('PopupCtrl', ['$scope', function($scope) {
 			chrome.extension.getBackgroundPage().reload();
 		});
 
+		$scope.$watch('allowedMethods', function(newValue, oldValue) {
+			chrome.storage.local.set({'allowedMethods': $scope.allowedMethods});
+			chrome.extension.getBackgroundPage().reload();
+		});
+
 		$scope.$watch('exposedHeaders', function(newValue, oldValue) {
 			chrome.storage.local.set({'exposedHeaders': $scope.exposedHeaders});
 			chrome.extension.getBackgroundPage().reload();