summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/rs/cors/cors.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/rs/cors/cors.go')
-rw-r--r--vendor/github.com/rs/cors/cors.go6
1 files changed, 3 insertions, 3 deletions
diff --git a/vendor/github.com/rs/cors/cors.go b/vendor/github.com/rs/cors/cors.go
index 0aa4f51f1..15181089a 100644
--- a/vendor/github.com/rs/cors/cors.go
+++ b/vendor/github.com/rs/cors/cors.go
@@ -174,7 +174,7 @@ func AllowAll() *Cors {
AllowedOrigins: []string{"*"},
AllowedMethods: []string{"HEAD", "GET", "POST", "PUT", "PATCH", "DELETE"},
AllowedHeaders: []string{"*"},
- AllowCredentials: true,
+ AllowCredentials: false,
})
}
@@ -269,7 +269,7 @@ func (c *Cors) handlePreflight(w http.ResponseWriter, r *http.Request) {
c.logf(" Preflight aborted: headers '%v' not allowed", reqHeaders)
return
}
- if c.allowedOriginsAll && !c.allowCredentials {
+ if c.allowedOriginsAll {
headers.Set("Access-Control-Allow-Origin", "*")
} else {
headers.Set("Access-Control-Allow-Origin", origin)
@@ -321,7 +321,7 @@ func (c *Cors) handleActualRequest(w http.ResponseWriter, r *http.Request) {
return
}
- if c.allowedOriginsAll && !c.allowCredentials {
+ if c.allowedOriginsAll {
headers.Set("Access-Control-Allow-Origin", "*")
} else {
headers.Set("Access-Control-Allow-Origin", origin)
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-12 03:26:38 +0000