Refactor out setCorsHeaders()

2025-05-23 02:35:49 +08:00 · 2023-09-26 00:02:31 +08:00 · 2023-09-26 00:02:31 +08:00 · 577bf91d25
commit 577bf91d25
parent 329a6a8132
1 changed files with 9 additions and 9 deletions
--- a/routers/cors_filter.go
+++ b/routers/cors_filter.go
@ -29,21 +29,23 @@ const (
 	headerAllowHeaders = "Access-Control-Allow-Headers"
 )
 func setCorsHeaders(ctx *context.Context, origin string) {
 	ctx.Output.Header(headerAllowOrigin, origin)
 	ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
 	ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
 }
 func CorsFilter(ctx *context.Context) {
 	origin := ctx.Input.Header(headerOrigin)
 	originConf := conf.GetConfigString("origin")
 	if ctx.Request.Method == "POST" && ctx.Request.RequestURI == "/api/login/oauth/access_token" {
-		ctx.Output.Header(headerAllowOrigin, origin)
+		setCorsHeaders(ctx, origin)
 		ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
 		ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
 		return
 	}
 	if ctx.Request.RequestURI == "/api/userinfo" {
-		ctx.Output.Header(headerAllowOrigin, origin)
+		setCorsHeaders(ctx, origin)
 		ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
 		ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
 		return
 	}
@ -54,9 +56,7 @@ func CorsFilter(ctx *context.Context) {
 		}
 		if ok {
-			ctx.Output.Header(headerAllowOrigin, origin)
+			setCorsHeaders(ctx, origin)
 			ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
 			ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
 		} else {
 			ctx.ResponseWriter.WriteHeader(http.StatusForbidden)
 			return