diff options
author | Chris <ccbrown112@gmail.com> | 2017-07-13 14:02:33 -0700 |
---|---|---|
committer | Christopher Brown <ccbrown112@gmail.com> | 2017-07-13 18:48:07 -0700 |
commit | a18479df0940be8503c9b88993490741793eba9e (patch) | |
tree | d839053025bc9705659fc89d96360792f8a16d72 /app | |
parent | 764ff4cb64eb86c87a28a076eed28d8778f194d6 (diff) | |
download | chat-a18479df0940be8503c9b88993490741793eba9e.tar.gz chat-a18479df0940be8503c9b88993490741793eba9e.tar.bz2 chat-a18479df0940be8503c9b88993490741793eba9e.zip |
Tweak WebSocket header-processing (#6929)
* fix
* consolidate code
Diffstat (limited to 'app')
-rw-r--r-- | app/server.go | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/app/server.go b/app/server.go index a5090a597..a5b2dbda9 100644 --- a/app/server.go +++ b/app/server.go @@ -53,9 +53,8 @@ type CorsWrapper struct { func (cw *CorsWrapper) ServeHTTP(w http.ResponseWriter, r *http.Request) { if len(*utils.Cfg.ServiceSettings.AllowCorsFrom) > 0 { - origin := r.Header.Get("Origin") - if *utils.Cfg.ServiceSettings.AllowCorsFrom == "*" || strings.Contains(*utils.Cfg.ServiceSettings.AllowCorsFrom, origin) { - w.Header().Set("Access-Control-Allow-Origin", origin) + if utils.OriginChecker(r) { + w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin")) if r.Method == "OPTIONS" { w.Header().Set( |