From 1ccf093803bcc342e25f269c40b02f83be50b341 Mon Sep 17 00:00:00 2001
From: Chris <ccbrown112@gmail.com>
Date: Wed, 22 Nov 2017 15:58:03 -0600
Subject: origin checker refactor (#7889)

---
 app/server.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'app/server.go')

diff --git a/app/server.go b/app/server.go
index 0739d4989..eb2fa9b32 100644
--- a/app/server.go
+++ b/app/server.go
@@ -58,8 +58,8 @@ type CorsWrapper struct {
 }
 
 func (cw *CorsWrapper) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	if len(*cw.config().ServiceSettings.AllowCorsFrom) > 0 {
-		if utils.OriginChecker(r) {
+	if allowed := *cw.config().ServiceSettings.AllowCorsFrom; allowed != "" {
+		if utils.CheckOrigin(r, allowed) {
 			w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
 
 			if r.Method == "OPTIONS" {
@@ -252,6 +252,13 @@ func (a *App) StopServer() {
 	}
 }
 
+func (a *App) OriginChecker() func(*http.Request) bool {
+	if allowed := *a.Config().ServiceSettings.AllowCorsFrom; allowed != "" {
+		return utils.OriginChecker(allowed)
+	}
+	return nil
+}
+
 // This is required to re-use the underlying connection and not take up file descriptors
 func consumeAndClose(r *http.Response) {
 	if r.Body != nil {
-- 
cgit v1.2.3-1-g7c22