diff --git a/main/http_server/http_server.c b/main/http_server/http_server.c index 04db4aa2..e19fd152 100644 --- a/main/http_server/http_server.c +++ b/main/http_server/http_server.c @@ -114,14 +114,27 @@ static esp_err_t set_content_type_from_file(httpd_req_t * req, const char * file } return httpd_resp_set_type(req, type); } + static esp_err_t set_cors_headers(httpd_req_t * req) { + esp_err_t err; - return httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*") == ESP_OK && - httpd_resp_set_hdr(req, "Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS") == ESP_OK && - httpd_resp_set_hdr(req, "Access-Control-Allow-Headers", "Content-Type") == ESP_OK - ? ESP_OK - : ESP_FAIL; + err = httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*"); + if (err != ESP_OK) { + return ESP_FAIL; + } + + err = httpd_resp_set_hdr(req, "Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS"); + if (err != ESP_OK) { + return ESP_FAIL; + } + + err = httpd_resp_set_hdr(req, "Access-Control-Allow-Headers", "Content-Type"); + if (err != ESP_OK) { + return ESP_FAIL; + } + + return ESP_OK; } /* Recovery handler */ @@ -181,7 +194,7 @@ static esp_err_t rest_common_get_handler(httpd_req_t * req) httpd_resp_sendstr_chunk(req, NULL); /* Respond with 500 Internal Server Error */ httpd_resp_send_err(req, HTTPD_500_INTERNAL_SERVER_ERROR, "Failed to send file"); - return ESP_FAIL; + return ESP_OK; } } } while (read_bytes > 0); @@ -193,13 +206,12 @@ static esp_err_t rest_common_get_handler(httpd_req_t * req) return ESP_OK; } - static esp_err_t handle_options_request(httpd_req_t * req) { // Set CORS headers for OPTIONS request if (set_cors_headers(req) != ESP_OK) { httpd_resp_send_500(req); - return ESP_FAIL; + return ESP_OK; } // Send a blank response for OPTIONS request @@ -213,7 +225,7 @@ static esp_err_t PATCH_update_settings(httpd_req_t * req) // Set CORS headers if (set_cors_headers(req) != ESP_OK) { httpd_resp_send_500(req); - return ESP_FAIL; + return ESP_OK; } int total_len = req->content_len; @@ -223,14 +235,14 @@ static esp_err_t PATCH_update_settings(httpd_req_t * req) if (total_len >= SCRATCH_BUFSIZE) { /* Respond with 500 Internal Server Error */ httpd_resp_send_err(req, HTTPD_500_INTERNAL_SERVER_ERROR, "content too long"); - return ESP_FAIL; + return ESP_OK; } while (cur_len < total_len) { received = httpd_req_recv(req, buf + cur_len, total_len); if (received <= 0) { /* Respond with 500 Internal Server Error */ httpd_resp_send_err(req, HTTPD_500_INTERNAL_SERVER_ERROR, "Failed to post control value"); - return ESP_FAIL; + return ESP_OK; } cur_len += received; } @@ -238,6 +250,11 @@ static esp_err_t PATCH_update_settings(httpd_req_t * req) cJSON * root = cJSON_Parse(buf); cJSON * item; + if (root == NULL) { + httpd_resp_send_err(req, HTTPD_400_BAD_REQUEST, "Invalid JSON"); + return ESP_OK; + } + if ((item = cJSON_GetObjectItem(root, "stratumURL")) != NULL) { nvs_config_set_string(NVS_CONFIG_STRATUM_URL, item->valuestring); } @@ -319,7 +336,6 @@ static esp_err_t POST_restart(httpd_req_t * req) return ESP_OK; } - /* Simple handler for getting system handler */ static esp_err_t GET_system_info(httpd_req_t * req) { @@ -328,7 +344,7 @@ static esp_err_t GET_system_info(httpd_req_t * req) // Set CORS headers if (set_cors_headers(req) != ESP_OK) { httpd_resp_send_500(req); - return ESP_FAIL; + return ESP_OK; }