kopia lustrzana https://github.com/bugout-dev/moonstream
Merge pull request #802 from moonstream-to/fix-cors-nb
Fixed preflight requests for nbpull/803/head
commit
43a8e09d35
|
@ -359,16 +359,18 @@ func panicMiddleware(next http.Handler) http.Handler {
|
||||||
// CORS middleware
|
// CORS middleware
|
||||||
func corsMiddleware(next http.Handler) http.Handler {
|
func corsMiddleware(next http.Handler) http.Handler {
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
for _, allowedOrigin := range strings.Split(MOONSTREAM_CORS_ALLOWED_ORIGINS, ",") {
|
if r.Method == http.MethodOptions {
|
||||||
if r.Header.Get("Origin") == allowedOrigin {
|
for _, allowedOrigin := range strings.Split(MOONSTREAM_CORS_ALLOWED_ORIGINS, ",") {
|
||||||
w.Header().Set("Access-Control-Allow-Origin", allowedOrigin)
|
if r.Header.Get("Origin") == allowedOrigin {
|
||||||
|
w.Header().Set("Access-Control-Allow-Origin", allowedOrigin)
|
||||||
|
w.Header().Set("Access-Control-Allow-Methods", "GET,POST")
|
||||||
|
// Credentials are cookies, authorization headers, or TLS client certificates
|
||||||
|
w.Header().Set("Access-Control-Allow-Credentials", "true")
|
||||||
|
w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
w.WriteHeader(http.StatusNoContent)
|
||||||
if r.Method == "OPTIONS" {
|
return
|
||||||
w.Header().Set("Access-Control-Allow-Methods", "GET,POST,OPTIONS")
|
|
||||||
// Credentials are cookies, authorization headers, or TLS client certificates
|
|
||||||
w.Header().Set("Access-Control-Allow-Credentials", "true")
|
|
||||||
w.Header().Set("Access-Control-Allow-Headers", "Authorization")
|
|
||||||
}
|
}
|
||||||
next.ServeHTTP(w, r)
|
next.ServeHTTP(w, r)
|
||||||
})
|
})
|
||||||
|
|
Ładowanie…
Reference in New Issue