diff options
| author |  Tobi Smethurst <31960611+tsmethurst@users.noreply.github.com> | 2021-08-12 21:03:24 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2021-08-12 21:03:24 +0200 |
| commit | 98263a7de64269898a2f81207e38943b5c8e8653 (patch) | |
| tree | 743c90f109a6c5d27832d1dcef2388d939f0f77a /vendor/github.com/gin-contrib/cors/utils.go | |
| parent | Text duplication fix (#137) (diff) | |
| download | gotosocial-98263a7de64269898a2f81207e38943b5c8e8653.tar.xz | |
Grand test fixup (#138)
* start fixing up tests
* fix up tests + automate with drone
* fiddle with linting
* messing about with drone.yml
* some more fiddling
* hmmm
* add cache
* add vendor directory
* verbose
* ci updates
* update some little things
* update sig
Diffstat (limited to 'vendor/github.com/gin-contrib/cors/utils.go')
| -rw-r--r-- | vendor/github.com/gin-contrib/cors/utils.go | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/vendor/github.com/gin-contrib/cors/utils.go b/vendor/github.com/gin-contrib/cors/utils.go new file mode 100644 index 000000000..460ef1780 --- /dev/null +++ b/vendor/github.com/gin-contrib/cors/utils.go @@ -0,0 +1,85 @@ +package cors + +import ( + "net/http" + "strconv" + "strings" + "time" +) + +type converter func(string) string + +func generateNormalHeaders(c Config) http.Header { + headers := make(http.Header) + if c.AllowCredentials { + headers.Set("Access-Control-Allow-Credentials", "true") + } + if len(c.ExposeHeaders) > 0 { + exposeHeaders := convert(normalize(c.ExposeHeaders), http.CanonicalHeaderKey) + headers.Set("Access-Control-Expose-Headers", strings.Join(exposeHeaders, ",")) + } + if c.AllowAllOrigins { + headers.Set("Access-Control-Allow-Origin", "*") + } else { + headers.Set("Vary", "Origin") + } + return headers +} + +func generatePreflightHeaders(c Config) http.Header { + headers := make(http.Header) + if c.AllowCredentials { + headers.Set("Access-Control-Allow-Credentials", "true") + } + if len(c.AllowMethods) > 0 { + allowMethods := convert(normalize(c.AllowMethods), strings.ToUpper) + value := strings.Join(allowMethods, ",") + headers.Set("Access-Control-Allow-Methods", value) + } + if len(c.AllowHeaders) > 0 { + allowHeaders := convert(normalize(c.AllowHeaders), http.CanonicalHeaderKey) + value := strings.Join(allowHeaders, ",") + headers.Set("Access-Control-Allow-Headers", value) + } + if c.MaxAge > time.Duration(0) { + value := strconv.FormatInt(int64(c.MaxAge/time.Second), 10) + headers.Set("Access-Control-Max-Age", value) + } + if c.AllowAllOrigins { + headers.Set("Access-Control-Allow-Origin", "*") + } else { + // Always set Vary headers + // see https://github.com/rs/cors/issues/10, + // https://github.com/rs/cors/commit/dbdca4d95feaa7511a46e6f1efb3b3aa505bc43f#commitcomment-12352001 + + headers.Add("Vary", "Origin") + headers.Add("Vary", "Access-Control-Request-Method") + headers.Add("Vary", "Access-Control-Request-Headers") + } + return headers +} + +func normalize(values []string) []string { + if values == nil { + return nil + } + distinctMap := make(map[string]bool, len(values)) + normalized := make([]string, 0, len(values)) + for _, value := range values { + value = strings.TrimSpace(value) + value = strings.ToLower(value) + if _, seen := distinctMap[value]; !seen { + normalized = append(normalized, value) + distinctMap[value] = true + } + } + return normalized +} + +func convert(s []string, c converter) []string { + var out []string + for _, i := range s { + out = append(out, c(i)) + } + return out +} |