pages/pages-server
1
0
Fork 0
mirror of https://codeberg.org/Codeberg/pages-server.git synced 2025-04-24 13:56:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix CORS / add Access-Control-Allow-Origin * to all methods

Browse source 
The header is not only necessary on the OPTIONS request, but on any method, so I removed the condition.
This commit is contained in:
Otto Richter 2022-04-09 18:59:19 +02:00
parent 1e4dfe2ae8
commit b7cca90972
1 changed files with 12 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

24
server/handler.go
View file

@ -54,19 +54,19 @@ func Handler(mainDomainSuffix, rawDomain []byte,
}
// Allow CORS for specified domains
allowCors := false
for _, allowedCorsDomain := range allowedCorsDomains {
if bytes.Equal(trimmedHost, allowedCorsDomain) {
allowCors = true
break
}
}
if allowCors {
ctx.Response.Header.Set("Access-Control-Allow-Origin", "*")
ctx.Response.Header.Set("Access-Control-Allow-Methods", "GET, HEAD")
}
ctx.Response.Header.Set("Allow", "GET, HEAD, OPTIONS")
if ctx.IsOptions() {
allowCors := false
for _, allowedCorsDomain := range allowedCorsDomains {
if bytes.Equal(trimmedHost, allowedCorsDomain) {
allowCors = true
break
}
}
if allowCors {
ctx.Response.Header.Set("Access-Control-Allow-Origin", "*")
ctx.Response.Header.Set("Access-Control-Allow-Methods", "GET, HEAD")
}
ctx.Response.Header.Set("Allow", "GET, HEAD, OPTIONS")
ctx.Response.Header.SetStatusCode(fasthttp.StatusNoContent)
return
}