summaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
authorChris <ccbrown112@gmail.com>2017-07-13 14:02:33 -0700
committerChristopher Brown <ccbrown112@gmail.com>2017-07-13 18:48:07 -0700
commita18479df0940be8503c9b88993490741793eba9e (patch)
treed839053025bc9705659fc89d96360792f8a16d72 /app
parent764ff4cb64eb86c87a28a076eed28d8778f194d6 (diff)
downloadchat-a18479df0940be8503c9b88993490741793eba9e.tar.gz
chat-a18479df0940be8503c9b88993490741793eba9e.tar.bz2
chat-a18479df0940be8503c9b88993490741793eba9e.zip
Tweak WebSocket header-processing (#6929)
* fix * consolidate code
Diffstat (limited to 'app')
-rw-r--r--app/server.go5
1 files changed, 2 insertions, 3 deletions
diff --git a/app/server.go b/app/server.go
index a5090a597..a5b2dbda9 100644
--- a/app/server.go
+++ b/app/server.go
@@ -53,9 +53,8 @@ type CorsWrapper struct {
func (cw *CorsWrapper) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if len(*utils.Cfg.ServiceSettings.AllowCorsFrom) > 0 {
- origin := r.Header.Get("Origin")
- if *utils.Cfg.ServiceSettings.AllowCorsFrom == "*" || strings.Contains(*utils.Cfg.ServiceSettings.AllowCorsFrom, origin) {
- w.Header().Set("Access-Control-Allow-Origin", origin)
+ if utils.OriginChecker(r) {
+ w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
if r.Method == "OPTIONS" {
w.Header().Set(