diff options
Diffstat (limited to 'vendor/github.com/gin-contrib/cors/cors.go')
| -rw-r--r-- | vendor/github.com/gin-contrib/cors/cors.go | 171 |
1 files changed, 0 insertions, 171 deletions
diff --git a/vendor/github.com/gin-contrib/cors/cors.go b/vendor/github.com/gin-contrib/cors/cors.go deleted file mode 100644 index d6d06de03..000000000 --- a/vendor/github.com/gin-contrib/cors/cors.go +++ /dev/null @@ -1,171 +0,0 @@ -package cors - -import ( - "errors" - "strings" - "time" - - "github.com/gin-gonic/gin" -) - -// Config represents all available options for the middleware. -type Config struct { - AllowAllOrigins bool - - // AllowOrigins is a list of origins a cross-domain request can be executed from. - // If the special "*" value is present in the list, all origins will be allowed. - // Default value is [] - AllowOrigins []string - - // AllowOriginFunc is a custom function to validate the origin. It take the origin - // as argument and returns true if allowed or false otherwise. If this option is - // set, the content of AllowOrigins is ignored. - AllowOriginFunc func(origin string) bool - - // AllowMethods is a list of methods the client is allowed to use with - // cross-domain requests. Default value is simple methods (GET and POST) - AllowMethods []string - - // AllowHeaders is list of non simple headers the client is allowed to use with - // cross-domain requests. - AllowHeaders []string - - // AllowCredentials indicates whether the request can include user credentials like - // cookies, HTTP authentication or client side SSL certificates. - AllowCredentials bool - - // ExposedHeaders indicates which headers are safe to expose to the API of a CORS - // API specification - ExposeHeaders []string - - // MaxAge indicates how long (in seconds) the results of a preflight request - // can be cached - MaxAge time.Duration - - // Allows to add origins like http://some-domain/*, https://api.* or http://some.*.subdomain.com - AllowWildcard bool - - // Allows usage of popular browser extensions schemas - AllowBrowserExtensions bool - - // Allows usage of WebSocket protocol - AllowWebSockets bool - - // Allows usage of file:// schema (dangerous!) use it only when you 100% sure it's needed - AllowFiles bool -} - -// AddAllowMethods is allowed to add custom methods -func (c *Config) AddAllowMethods(methods ...string) { - c.AllowMethods = append(c.AllowMethods, methods...) -} - -// AddAllowHeaders is allowed to add custom headers -func (c *Config) AddAllowHeaders(headers ...string) { - c.AllowHeaders = append(c.AllowHeaders, headers...) -} - -// AddExposeHeaders is allowed to add custom expose headers -func (c *Config) AddExposeHeaders(headers ...string) { - c.ExposeHeaders = append(c.ExposeHeaders, headers...) -} - -func (c Config) getAllowedSchemas() []string { - allowedSchemas := DefaultSchemas - if c.AllowBrowserExtensions { - allowedSchemas = append(allowedSchemas, ExtensionSchemas...) - } - if c.AllowWebSockets { - allowedSchemas = append(allowedSchemas, WebSocketSchemas...) - } - if c.AllowFiles { - allowedSchemas = append(allowedSchemas, FileSchemas...) - } - return allowedSchemas -} - -func (c Config) validateAllowedSchemas(origin string) bool { - allowedSchemas := c.getAllowedSchemas() - for _, schema := range allowedSchemas { - if strings.HasPrefix(origin, schema) { - return true - } - } - return false -} - -// Validate is check configuration of user defined. -func (c *Config) Validate() error { - if c.AllowAllOrigins && (c.AllowOriginFunc != nil || len(c.AllowOrigins) > 0) { - return errors.New("conflict settings: all origins are allowed. AllowOriginFunc or AllowOrigins is not needed") - } - if !c.AllowAllOrigins && c.AllowOriginFunc == nil && len(c.AllowOrigins) == 0 { - return errors.New("conflict settings: all origins disabled") - } - for _, origin := range c.AllowOrigins { - if origin == "*" { - c.AllowAllOrigins = true - return nil - } else if !strings.Contains(origin, "*") && !c.validateAllowedSchemas(origin) { - return errors.New("bad origin: origins must contain '*' or include " + strings.Join(c.getAllowedSchemas(), ",")) - } - } - return nil -} - -func (c Config) parseWildcardRules() [][]string { - var wRules [][]string - - if !c.AllowWildcard { - return wRules - } - - for _, o := range c.AllowOrigins { - if !strings.Contains(o, "*") { - continue - } - - if c := strings.Count(o, "*"); c > 1 { - panic(errors.New("only one * is allowed").Error()) - } - - i := strings.Index(o, "*") - if i == 0 { - wRules = append(wRules, []string{"*", o[1:]}) - continue - } - if i == (len(o) - 1) { - wRules = append(wRules, []string{o[:i-1], "*"}) - continue - } - - wRules = append(wRules, []string{o[:i], o[i+1:]}) - } - - return wRules -} - -// DefaultConfig returns a generic default configuration mapped to localhost. -func DefaultConfig() Config { - return Config{ - AllowMethods: []string{"GET", "POST", "PUT", "PATCH", "DELETE", "HEAD"}, - AllowHeaders: []string{"Origin", "Content-Length", "Content-Type"}, - AllowCredentials: false, - MaxAge: 12 * time.Hour, - } -} - -// Default returns the location middleware with default configuration. -func Default() gin.HandlerFunc { - config := DefaultConfig() - config.AllowAllOrigins = true - return New(config) -} - -// New returns the location middleware with user-defined custom configuration. -func New(config Config) gin.HandlerFunc { - cors := newCors(config) - return func(c *gin.Context) { - cors.applyCors(c) - } -} |