diff options
| author | Chris <ccbrown112@gmail.com> | 2017-07-13 14:02:33 -0700 |
|---|---|---|
| committer | Christopher Brown <ccbrown112@gmail.com> | 2017-07-13 18:48:07 -0700 |
| commit | a18479df0940be8503c9b88993490741793eba9e (patch) | |
| tree | d839053025bc9705659fc89d96360792f8a16d72 /utils | |
| parent | 764ff4cb64eb86c87a28a076eed28d8778f194d6 (diff) | |
| download | chat-a18479df0940be8503c9b88993490741793eba9e.tar.gz chat-a18479df0940be8503c9b88993490741793eba9e.tar.bz2 chat-a18479df0940be8503c9b88993490741793eba9e.zip | |
Tweak WebSocket header-processing (#6929)
* fix
* consolidate code
Diffstat (limited to 'utils')
| -rw-r--r-- | utils/api.go | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/utils/api.go b/utils/api.go index 663f53c16..d175e0c13 100644 --- a/utils/api.go +++ b/utils/api.go @@ -15,7 +15,15 @@ type OriginCheckerProc func(*http.Request) bool func OriginChecker(r *http.Request) bool { origin := r.Header.Get("Origin") - return *Cfg.ServiceSettings.AllowCorsFrom == "*" || strings.Contains(*Cfg.ServiceSettings.AllowCorsFrom, origin) + if *Cfg.ServiceSettings.AllowCorsFrom == "*" { + return true + } + for _, allowed := range strings.Split(*Cfg.ServiceSettings.AllowCorsFrom, " ") { + if allowed == origin { + return true + } + } + return false } func GetOriginChecker(r *http.Request) OriginCheckerProc { |