-
Notifications
You must be signed in to change notification settings - Fork 0
/
cors.go
49 lines (44 loc) · 1.22 KB
/
cors.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
package http
import (
"net/http"
"strings"
"github.com/rs/cors"
)
// CORSConfig represents the configuration for CORS.
type CORSConfig struct {
AllowedOrigins []string `long:"allowed-origins" description:"Allowed origins for CORS"`
MaxAge int `long:"max-age" description:"Max age (in seconds) for preflight cache"`
}
func CORSOptions(config CORSConfig) cors.Options {
return cors.Options{
AllowOriginFunc: AllowedOrigin(config.AllowedOrigins),
AllowedMethods: []string{
http.MethodHead,
http.MethodGet,
http.MethodPost,
http.MethodPut,
http.MethodPatch,
http.MethodDelete,
},
AllowedHeaders: []string{"*"},
ExposedHeaders: []string{"*"},
MaxAge: config.MaxAge,
AllowCredentials: false,
}
}
func AllowedOrigin(allowedOrigins []string) func(origin string) bool {
trimScheme := func(origin string) string {
return strings.TrimPrefix(strings.TrimPrefix(origin, "https://"), "http://")
}
return func(origin string) bool {
if len(allowedOrigins) == 0 || allowedOrigins[0] == "*" {
return true
}
for _, allowedOrigin := range allowedOrigins {
if allowedOrigin == origin || trimScheme(allowedOrigin) == trimScheme(origin) {
return true
}
}
return false
}
}