llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-05 14:09:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

Improve setCorsHeaders() for "include" mode

Browse Source
This commit is contained in:
Yang Luo
2024-01-13 23:46:05 +08:00
parent 60096468fe
commit 78066da208
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
routers/cors_filter.go
View File

@ -24,16 +24,18 @@ import (
) )
const ( const (
headerOrigin = "Origin" headerOrigin = "Origin"
headerAllowOrigin = "Access-Control-Allow-Origin" headerAllowOrigin = "Access-Control-Allow-Origin"
headerAllowMethods = "Access-Control-Allow-Methods" headerAllowMethods = "Access-Control-Allow-Methods"
headerAllowHeaders = "Access-Control-Allow-Headers" headerAllowHeaders = "Access-Control-Allow-Headers"
headerAllowCredentials = "Access-Control-Allow-Credentials"
) )
func setCorsHeaders(ctx *context.Context, origin string) { func setCorsHeaders(ctx *context.Context, origin string) {
ctx.Output.Header(headerAllowOrigin, origin) ctx.Output.Header(headerAllowOrigin, origin)
ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE") ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization") ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
ctx.Output.Header(headerAllowCredentials, "true")
if ctx.Input.Method() == "OPTIONS" { if ctx.Input.Method() == "OPTIONS" {
ctx.ResponseWriter.WriteHeader(http.StatusOK) ctx.ResponseWriter.WriteHeader(http.StatusOK)