summaryrefslogtreecommitdiff
path: root/vendor/github.com/gin-contrib/cors/config.go
diff options
context:
space:
mode:
authorLibravatar Terin Stock <terinjokes@gmail.com>2022-04-26 20:30:25 -0700
committerLibravatar Terin Stock <terinjokes@gmail.com>2023-01-31 15:16:42 +0100
commit83b4c9ebc87d0fddf4e638f13e3af1483912e3a5 (patch)
tree47840b84c0fd3cb226eab2ecb3dbce0617163406 /vendor/github.com/gin-contrib/cors/config.go
parent[chore] update URLs to forked source (diff)
downloadgotosocial-83b4c9ebc87d0fddf4e638f13e3af1483912e3a5.tar.xz
[chore] remove vendor
Diffstat (limited to 'vendor/github.com/gin-contrib/cors/config.go')
-rw-r--r--vendor/github.com/gin-contrib/cors/config.go134
1 files changed, 0 insertions, 134 deletions
diff --git a/vendor/github.com/gin-contrib/cors/config.go b/vendor/github.com/gin-contrib/cors/config.go
deleted file mode 100644
index d4fc11801..000000000
--- a/vendor/github.com/gin-contrib/cors/config.go
+++ /dev/null
@@ -1,134 +0,0 @@
-package cors
-
-import (
- "net/http"
- "strings"
-
- "github.com/gin-gonic/gin"
-)
-
-type cors struct {
- allowAllOrigins bool
- allowCredentials bool
- allowOriginFunc func(string) bool
- allowOrigins []string
- exposeHeaders []string
- normalHeaders http.Header
- preflightHeaders http.Header
- wildcardOrigins [][]string
-}
-
-var (
- DefaultSchemas = []string{
- "http://",
- "https://",
- }
- ExtensionSchemas = []string{
- "chrome-extension://",
- "safari-extension://",
- "moz-extension://",
- "ms-browser-extension://",
- }
- FileSchemas = []string{
- "file://",
- }
- WebSocketSchemas = []string{
- "ws://",
- "wss://",
- }
-)
-
-func newCors(config Config) *cors {
- if err := config.Validate(); err != nil {
- panic(err.Error())
- }
-
- return &cors{
- allowOriginFunc: config.AllowOriginFunc,
- allowAllOrigins: config.AllowAllOrigins,
- allowCredentials: config.AllowCredentials,
- allowOrigins: normalize(config.AllowOrigins),
- normalHeaders: generateNormalHeaders(config),
- preflightHeaders: generatePreflightHeaders(config),
- wildcardOrigins: config.parseWildcardRules(),
- }
-}
-
-func (cors *cors) applyCors(c *gin.Context) {
- origin := c.Request.Header.Get("Origin")
- if len(origin) == 0 {
- // request is not a CORS request
- return
- }
- host := c.Request.Host
-
- if origin == "http://"+host || origin == "https://"+host {
- // request is not a CORS request but have origin header.
- // for example, use fetch api
- return
- }
-
- if !cors.validateOrigin(origin) {
- c.AbortWithStatus(http.StatusForbidden)
- return
- }
-
- if c.Request.Method == "OPTIONS" {
- cors.handlePreflight(c)
- defer c.AbortWithStatus(http.StatusNoContent) // Using 204 is better than 200 when the request status is OPTIONS
- } else {
- cors.handleNormal(c)
- }
-
- if !cors.allowAllOrigins {
- c.Header("Access-Control-Allow-Origin", origin)
- }
-}
-
-func (cors *cors) validateWildcardOrigin(origin string) bool {
- for _, w := range cors.wildcardOrigins {
- if w[0] == "*" && strings.HasSuffix(origin, w[1]) {
- return true
- }
- if w[1] == "*" && strings.HasPrefix(origin, w[0]) {
- return true
- }
- if strings.HasPrefix(origin, w[0]) && strings.HasSuffix(origin, w[1]) {
- return true
- }
- }
-
- return false
-}
-
-func (cors *cors) validateOrigin(origin string) bool {
- if cors.allowAllOrigins {
- return true
- }
- for _, value := range cors.allowOrigins {
- if value == origin {
- return true
- }
- }
- if len(cors.wildcardOrigins) > 0 && cors.validateWildcardOrigin(origin) {
- return true
- }
- if cors.allowOriginFunc != nil {
- return cors.allowOriginFunc(origin)
- }
- return false
-}
-
-func (cors *cors) handlePreflight(c *gin.Context) {
- header := c.Writer.Header()
- for key, value := range cors.preflightHeaders {
- header[key] = value
- }
-}
-
-func (cors *cors) handleNormal(c *gin.Context) {
- header := c.Writer.Header()
- for key, value := range cors.normalHeaders {
- header[key] = value
- }
-}
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-21 18:09:51 +0000