diff options
| author | Elias Nahum <nahumhbl@gmail.com> | 2016-03-01 22:12:05 -0300 |
|---|---|---|
| committer | Elias Nahum <nahumhbl@gmail.com> | 2016-03-01 23:27:20 -0300 |
| commit | 3177f30829439604315563b32ace6f1305b43a66 (patch) | |
| tree | fe6667cb646a35d5bf1a2b76b757922e02204570 /api/context.go | |
| parent | 81f97ebc88be468f3cefecf8c850459d7eccc459 (diff) | |
| download | chat-3177f30829439604315563b32ace6f1305b43a66.tar.gz chat-3177f30829439604315563b32ace6f1305b43a66.tar.bz2 chat-3177f30829439604315563b32ace6f1305b43a66.zip | |
Add Cors Handler
Diffstat (limited to 'api/context.go')
| -rw-r--r-- | api/context.go | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/api/context.go b/api/context.go index 91b11670b..918ba3557 100644 --- a/api/context.go +++ b/api/context.go @@ -238,6 +238,47 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } } +func (cw *CorsWrapper) ServeHTTP( + w http.ResponseWriter, + r *http.Request) { + allowedMethods := []string{ + "POST", + "GET", + "OPTIONS", + "PUT", + "PATCH", + "DELETE", + } + + allowedHeaders := []string{ + "Accept", + "Content-Type", + "Content-Length", + "Accept-Encoding", + "Authorization", + "X-CSRF-Token", + "X-Auth-Token", + } + + if len(*utils.Cfg.ServiceSettings.AllowCorsFrom) > 0 { + w.Header().Set("Access-Control-Allow-Origin", *utils.Cfg.ServiceSettings.AllowCorsFrom) + + w.Header().Set( + "Access-Control-Allow-Methods", + strings.Join(allowedMethods, ", ")) + + w.Header().Set( + "Access-Control-Allow-Headers", + strings.Join(allowedHeaders, ", ")) + } + + if r.Method == "OPTIONS" { + return + } + + cw.router.ServeHTTP(w, r) +} + func GetProtocol(r *http.Request) string { if r.Header.Get(model.HEADER_FORWARDED_PROTO) == "https" { return "https" |