From 31e8bd1dcfe3c6fcac6e8efd33a9d622cb64222f Mon Sep 17 00:00:00 2001
From: Dmytro Kishchenko <d.kischenko@sweet.tv>
Date: Fri, 10 Nov 2023 13:43:57 +0100
Subject: [PATCH] Added availability to set 200/204 for OPTIONS request status

---
 .gitignore |  2 ++
 config.go  | 38 ++++++++++++++++++++++----------------
 cors.go    |  5 ++++-
 3 files changed, 28 insertions(+), 17 deletions(-)

diff --git a/.gitignore b/.gitignore
index b4ecae3..002df84 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,3 +21,5 @@ _testmain.go
 *.prof
 
 coverage.out
+
+.idea
diff --git a/config.go b/config.go
index 735c8c1..4fa23bf 100644
--- a/config.go
+++ b/config.go
@@ -8,13 +8,14 @@ import (
 )
 
 type cors struct {
-	allowAllOrigins  bool
-	allowCredentials bool
-	allowOriginFunc  func(string) bool
-	allowOrigins     []string
-	normalHeaders    http.Header
-	preflightHeaders http.Header
-	wildcardOrigins  [][]string
+	allowAllOrigins      bool
+	allowCredentials     bool
+	allowOriginFunc      func(string) bool
+	allowOrigins         []string
+	normalHeaders        http.Header
+	preflightHeaders     http.Header
+	wildcardOrigins      [][]string
+	optionsRequestStatus int
 }
 
 var (
@@ -48,18 +49,23 @@ func newCors(config Config) *cors {
 		}
 	}
 
+	if config.OptionsRequestStatus == 0 {
+		config.OptionsRequestStatus = http.StatusNoContent
+	}
+
 	return &cors{
-		allowOriginFunc:  config.AllowOriginFunc,
-		allowAllOrigins:  config.AllowAllOrigins,
-		allowCredentials: config.AllowCredentials,
-		allowOrigins:     normalize(config.AllowOrigins),
-		normalHeaders:    generateNormalHeaders(config),
-		preflightHeaders: generatePreflightHeaders(config),
-		wildcardOrigins:  config.parseWildcardRules(),
+		allowOriginFunc:      config.AllowOriginFunc,
+		allowAllOrigins:      config.AllowAllOrigins,
+		allowCredentials:     config.AllowCredentials,
+		allowOrigins:         normalize(config.AllowOrigins),
+		normalHeaders:        generateNormalHeaders(config),
+		preflightHeaders:     generatePreflightHeaders(config),
+		wildcardOrigins:      config.parseWildcardRules(),
+		optionsRequestStatus: config.OptionsRequestStatus,
 	}
 }
 
-func (cors *cors) applyCors(c *gin.Context) {
+func (cors *cors) applyCors(c *gin.Context, optionsRequestStatus *int) {
 	origin := c.Request.Header.Get("Origin")
 	if len(origin) == 0 {
 		// request is not a CORS request
@@ -80,7 +86,7 @@ func (cors *cors) applyCors(c *gin.Context) {
 
 	if c.Request.Method == "OPTIONS" {
 		cors.handlePreflight(c)
-		defer c.AbortWithStatus(http.StatusNoContent) // Using 204 is better than 200 when the request status is OPTIONS
+		defer c.AbortWithStatus(*optionsRequestStatus) // Added availability to set 200/204 for OPTIONS request status
 	} else {
 		cors.handleNormal(c)
 	}
diff --git a/cors.go b/cors.go
index 4113437..0f5b874 100644
--- a/cors.go
+++ b/cors.go
@@ -53,6 +53,9 @@ type Config struct {
 
 	// Allows usage of file:// schema (dangerous!) use it only when you 100% sure it's needed
 	AllowFiles bool
+
+	// Allows to pass custom OPTIONS request status code for old browsers / clients
+	OptionsRequestStatus int
 }
 
 // AddAllowMethods is allowed to add custom methods
@@ -163,6 +166,6 @@ func Default() gin.HandlerFunc {
 func New(config Config) gin.HandlerFunc {
 	cors := newCors(config)
 	return func(c *gin.Context) {
-		cors.applyCors(c)
+		cors.applyCors(c, &cors.optionsRequestStatus)
 	}
 }