summaryrefslogtreecommitdiff
path: root/vendor/github.com/gin-contrib
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/gin-contrib')
-rw-r--r--vendor/github.com/gin-contrib/cors/README.md211
-rw-r--r--vendor/github.com/gin-contrib/cors/config.go2
-rw-r--r--vendor/github.com/gin-contrib/sse/.golangci.yml49
-rw-r--r--vendor/github.com/gin-contrib/sse/sse-decoder.go13
-rw-r--r--vendor/github.com/gin-contrib/sse/sse-encoder.go38
-rw-r--r--vendor/github.com/gin-contrib/sse/writer.go2
6 files changed, 258 insertions, 57 deletions
diff --git a/vendor/github.com/gin-contrib/cors/README.md b/vendor/github.com/gin-contrib/cors/README.md
index d43523295..a8747dd6a 100644
--- a/vendor/github.com/gin-contrib/cors/README.md
+++ b/vendor/github.com/gin-contrib/cors/README.md
@@ -1,47 +1,89 @@
-# CORS gin's middleware
+# gin-contrib/cors
[![Run Tests](https://github.com/gin-contrib/cors/actions/workflows/go.yml/badge.svg)](https://github.com/gin-contrib/cors/actions/workflows/go.yml)
[![codecov](https://codecov.io/gh/gin-contrib/cors/branch/master/graph/badge.svg)](https://codecov.io/gh/gin-contrib/cors)
[![Go Report Card](https://goreportcard.com/badge/github.com/gin-contrib/cors)](https://goreportcard.com/report/github.com/gin-contrib/cors)
[![GoDoc](https://godoc.org/github.com/gin-contrib/cors?status.svg)](https://godoc.org/github.com/gin-contrib/cors)
-Gin middleware/handler to enable CORS support.
+- [gin-contrib/cors](#gin-contribcors)
+ - [Overview](#overview)
+ - [Installation](#installation)
+ - [Quick Start](#quick-start)
+ - [Advanced Usage](#advanced-usage)
+ - [Custom Configuration](#custom-configuration)
+ - [DefaultConfig Reference](#defaultconfig-reference)
+ - [Default() Convenience](#default-convenience)
+ - [Configuration Reference](#configuration-reference)
+ - [Notes on Configuration](#notes-on-configuration)
+ - [Examples](#examples)
+ - [Advanced Options](#advanced-options)
+ - [Custom Origin Validation](#custom-origin-validation)
+ - [With Gin Context](#with-gin-context)
+ - [Helper Methods](#helper-methods)
+ - [Validation \& Error Handling](#validation--error-handling)
+ - [Important Notes](#important-notes)
-## Usage
+---
-### Start using it
+## Overview
-Download and install it:
+**CORS (Cross-Origin Resource Sharing)** middleware for [Gin](https://github.com/gin-gonic/gin).
+
+- Enables flexible CORS handling for your Gin-based APIs.
+- Highly configurable: origins, methods, headers, credentials, and more.
+
+---
+
+## Installation
```sh
go get github.com/gin-contrib/cors
```
-Import it in your code:
+Import in your Go code:
```go
import "github.com/gin-contrib/cors"
```
-### Canonical example
+---
+
+## Quick Start
+
+Allow all origins (default):
```go
-package main
+import (
+ "github.com/gin-contrib/cors"
+ "github.com/gin-gonic/gin"
+)
+
+func main() {
+ router := gin.Default()
+ router.Use(cors.Default()) // All origins allowed by default
+ router.Run()
+}
+```
+
+> ⚠️ **Warning:** Allowing all origins disables cookies for clients. For credentialed requests, **do not** allow all origins.
+
+---
+
+## Advanced Usage
+### Custom Configuration
+
+Configure allowed origins, methods, headers, and more:
+
+```go
import (
"time"
-
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
)
func main() {
router := gin.Default()
- // CORS for https://foo.com and https://github.com origins, allowing:
- // - PUT and PATCH methods
- // - Origin header
- // - Credentials share
- // - Preflight requests cached for 12 hours
router.Use(cors.New(cors.Config{
AllowOrigins: []string{"https://foo.com"},
AllowMethods: []string{"PUT", "PATCH"},
@@ -57,15 +99,20 @@ func main() {
}
```
-### Using DefaultConfig as start point
+---
+
+### DefaultConfig Reference
+
+Start with library defaults and customize as needed:
```go
+import (
+ "github.com/gin-contrib/cors"
+ "github.com/gin-gonic/gin"
+)
+
func main() {
router := gin.Default()
- // - No origin allowed by default
- // - GET,POST, PUT, HEAD methods
- // - Credentials share disabled
- // - Preflight requests cached for 12 hours
config := cors.DefaultConfig()
config.AllowOrigins = []string{"http://google.com"}
// config.AllowOrigins = []string{"http://google.com", "http://facebook.com"}
@@ -76,20 +123,124 @@ func main() {
}
```
-Note: while Default() allows all origins, DefaultConfig() does not and you will still have to use AllowAllOrigins.
+> **Note:** `Default()` allows all origins, but `DefaultConfig()` does **not**. To allow all origins, set `AllowAllOrigins = true`.
+
+---
+
+### Default() Convenience
-### Default() allows all origins
+Enable all origins with a single call:
```go
-func main() {
- router := gin.Default()
- // same as
- // config := cors.DefaultConfig()
- // config.AllowAllOrigins = true
- // router.Use(cors.New(config))
- router.Use(cors.Default())
- router.Run()
+router.Use(cors.Default()) // Equivalent to AllowAllOrigins = true
+```
+
+---
+
+## Configuration Reference
+
+The middleware is controlled via the `cors.Config` struct. All fields are optional unless otherwise stated.
+
+| Field | Type | Default | Description |
+|-------------------------------|-----------------------------|-----------------------------------------------------------|-----------------------------------------------------------------------------------------------|
+| `AllowAllOrigins` | `bool` | `false` | If true, allows all origins. Credentials **cannot** be used. |
+| `AllowOrigins` | `[]string` | `[]` | List of allowed origins. Supports exact match, `*`, and wildcards. |
+| `AllowOriginFunc` | `func(string) bool` | `nil` | Custom function to validate origin. If set, `AllowOrigins` is ignored. |
+| `AllowOriginWithContextFunc` | `func(*gin.Context,string)bool` | `nil` | Like `AllowOriginFunc`, but with request context. |
+| `AllowMethods` | `[]string` | `[]string{"GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS"}` | Allowed HTTP methods. |
+| `AllowPrivateNetwork` | `bool` | `false` | Adds [Private Network Access](https://wicg.github.io/private-network-access/) CORS header. |
+| `AllowHeaders` | `[]string` | `[]` | List of non-simple headers permitted in requests. |
+| `AllowCredentials` | `bool` | `false` | Allow cookies, HTTP auth, or client certs. Only if precise origins are used. |
+| `ExposeHeaders` | `[]string` | `[]` | Headers exposed to the browser. |
+| `MaxAge` | `time.Duration` | `12 * time.Hour` | Cache time for preflight requests. |
+| `AllowWildcard` | `bool` | `false` | Enables wildcards in origins (e.g. `https://*.example.com`). |
+| `AllowBrowserExtensions` | `bool` | `false` | Allow browser extension schemes as origins (e.g. `chrome-extension://`). |
+| `CustomSchemas` | `[]string` | `nil` | Additional allowed URI schemes (e.g. `tauri://`). |
+| `AllowWebSockets` | `bool` | `false` | Allow `ws://` and `wss://` schemas. |
+| `AllowFiles` | `bool` | `false` | Allow `file://` origins (dangerous; use only if necessary). |
+| `OptionsResponseStatusCode` | `int` | `204` | Custom status code for `OPTIONS` responses. |
+
+---
+
+### Notes on Configuration
+
+- Only one of `AllowAllOrigins`, `AllowOrigins`, `AllowOriginFunc`, or `AllowOriginWithContextFunc` should be set.
+- If `AllowAllOrigins` is true, other origin settings are ignored and credentialed requests are not allowed.
+- If `AllowWildcard` is enabled, only one `*` is allowed per origin string.
+- Use `AllowBrowserExtensions`, `AllowWebSockets`, or `AllowFiles` to permit non-HTTP(s) protocols as origins.
+- Custom schemas allow, for example, usage in desktop apps via custom URI schemes (`tauri://`, etc.).
+- If both `AllowOriginFunc` and `AllowOriginWithContextFunc` are set, the context-specific function is preferred.
+
+---
+
+### Examples
+
+#### Advanced Options
+
+```go
+config := cors.Config{
+ AllowOrigins: []string{"https://*.foo.com", "https://bar.com"},
+ AllowWildcard: true,
+ AllowMethods: []string{"GET", "POST"},
+ AllowHeaders: []string{"Authorization", "Content-Type"},
+ AllowCredentials: true,
+ AllowBrowserExtensions: true,
+ AllowWebSockets: true,
+ AllowFiles: false,
+ CustomSchemas: []string{"tauri://"},
+ MaxAge: 24 * time.Hour,
+ ExposeHeaders: []string{"X-Custom-Header"},
+ AllowPrivateNetwork: true,
+}
+```
+
+#### Custom Origin Validation
+
+```go
+config := cors.Config{
+ AllowOriginFunc: func(origin string) bool {
+ // Allow any github.com subdomain or a custom rule
+ return strings.HasSuffix(origin, "github.com")
+ },
}
```
-Using all origins disables the ability for Gin to set cookies for clients. When dealing with credentials, don't allow all origins.
+#### With Gin Context
+
+```go
+config := cors.Config{
+ AllowOriginWithContextFunc: func(c *gin.Context, origin string) bool {
+ // Allow only if a certain header is present
+ return c.Request.Header.Get("X-Allow-CORS") == "yes"
+ },
+}
+```
+
+---
+
+## Helper Methods
+
+Dynamically add methods or headers to the config:
+
+```go
+config.AddAllowMethods("DELETE", "OPTIONS")
+config.AddAllowHeaders("X-My-Header")
+config.AddExposeHeaders("X-Other-Header")
+```
+
+---
+
+## Validation & Error Handling
+
+- Calling `Validate()` on a `Config` checks for misconfiguration (called internally).
+- If `AllowAllOrigins` is set, you cannot also set `AllowOrigins` or any `AllowOriginFunc`.
+- If neither `AllowAllOrigins`, `AllowOriginFunc`, nor `AllowOrigins` is set, an error is raised.
+- If an `AllowOrigin` contains a wildcard but `AllowWildcard` is not enabled, or more than one `*` is present, a panic is triggered.
+- Invalid origin schemas or unsupported wildcards are rejected.
+
+---
+
+## Important Notes
+
+- **Enabling all origins disables cookies:** When `AllowAllOrigins` is enabled, Gin cannot set cookies for clients. If you need credential sharing (cookies, authentication headers), **do not** allow all origins.
+- For detailed documentation and configuration options, see the [GoDoc](https://godoc.org/github.com/gin-contrib/cors).
diff --git a/vendor/github.com/gin-contrib/cors/config.go b/vendor/github.com/gin-contrib/cors/config.go
index a955c3171..76e15a880 100644
--- a/vendor/github.com/gin-contrib/cors/config.go
+++ b/vendor/github.com/gin-contrib/cors/config.go
@@ -87,7 +87,7 @@ func (cors *cors) applyCors(c *gin.Context) {
return
}
- if c.Request.Method == "OPTIONS" {
+ if c.Request.Method == http.MethodOptions {
cors.handlePreflight(c)
defer c.AbortWithStatus(cors.optionsResponseStatusCode)
} else {
diff --git a/vendor/github.com/gin-contrib/sse/.golangci.yml b/vendor/github.com/gin-contrib/sse/.golangci.yml
index 4c44c5fae..47094ac61 100644
--- a/vendor/github.com/gin-contrib/sse/.golangci.yml
+++ b/vendor/github.com/gin-contrib/sse/.golangci.yml
@@ -1,3 +1,50 @@
+version: "2"
linters:
- disable:
+ default: none
+ enable:
+ - bodyclose
+ - dogsled
+ - dupl
- errcheck
+ - exhaustive
+ - gochecknoinits
+ - goconst
+ - gocritic
+ - gocyclo
+ - goprintffuncname
+ - gosec
+ - govet
+ - ineffassign
+ - lll
+ - misspell
+ - nakedret
+ - noctx
+ - nolintlint
+ - rowserrcheck
+ - staticcheck
+ - unconvert
+ - unparam
+ - unused
+ - whitespace
+ exclusions:
+ generated: lax
+ presets:
+ - comments
+ - common-false-positives
+ - legacy
+ - std-error-handling
+ paths:
+ - third_party$
+ - builtin$
+ - examples$
+formatters:
+ enable:
+ - gofmt
+ - gofumpt
+ - goimports
+ exclusions:
+ generated: lax
+ paths:
+ - third_party$
+ - builtin$
+ - examples$
diff --git a/vendor/github.com/gin-contrib/sse/sse-decoder.go b/vendor/github.com/gin-contrib/sse/sse-decoder.go
index fd49b9c37..da2c2d4b6 100644
--- a/vendor/github.com/gin-contrib/sse/sse-decoder.go
+++ b/vendor/github.com/gin-contrib/sse/sse-decoder.go
@@ -7,7 +7,6 @@ package sse
import (
"bytes"
"io"
- "io/ioutil"
)
type decoder struct {
@@ -22,7 +21,8 @@ func Decode(r io.Reader) ([]Event, error) {
func (d *decoder) dispatchEvent(event Event, data string) {
dataLength := len(data)
if dataLength > 0 {
- //If the data buffer's last character is a U+000A LINE FEED (LF) character, then remove the last character from the data buffer.
+ // If the data buffer's last character is a U+000A LINE FEED (LF) character,
+ // then remove the last character from the data buffer.
data = data[:dataLength-1]
dataLength--
}
@@ -37,13 +37,13 @@ func (d *decoder) dispatchEvent(event Event, data string) {
}
func (d *decoder) decode(r io.Reader) ([]Event, error) {
- buf, err := ioutil.ReadAll(r)
+ buf, err := io.ReadAll(r)
if err != nil {
return nil, err
}
var currentEvent Event
- var dataBuffer *bytes.Buffer = new(bytes.Buffer)
+ dataBuffer := new(bytes.Buffer)
// TODO (and unit tests)
// Lines must be separated by either a U+000D CARRIAGE RETURN U+000A LINE FEED (CRLF) character pair,
// a single U+000A LINE FEED (LF) character,
@@ -96,7 +96,8 @@ func (d *decoder) decode(r io.Reader) ([]Event, error) {
currentEvent.Id = string(value)
case "retry":
// If the field value consists of only characters in the range U+0030 DIGIT ZERO (0) to U+0039 DIGIT NINE (9),
- // then interpret the field value as an integer in base ten, and set the event stream's reconnection time to that integer.
+ // then interpret the field value as an integer in base ten, and set the event stream's
+ // reconnection time to that integer.
// Otherwise, ignore the field.
currentEvent.Id = string(value)
case "data":
@@ -105,7 +106,7 @@ func (d *decoder) decode(r io.Reader) ([]Event, error) {
// then append a single U+000A LINE FEED (LF) character to the data buffer.
dataBuffer.WriteString("\n")
default:
- //Otherwise. The field is ignored.
+ // Otherwise. The field is ignored.
continue
}
}
diff --git a/vendor/github.com/gin-contrib/sse/sse-encoder.go b/vendor/github.com/gin-contrib/sse/sse-encoder.go
index 0d26c82f0..9ebb49f41 100644
--- a/vendor/github.com/gin-contrib/sse/sse-encoder.go
+++ b/vendor/github.com/gin-contrib/sse/sse-encoder.go
@@ -20,8 +20,10 @@ import (
const ContentType = "text/event-stream;charset=utf-8"
-var contentType = []string{ContentType}
-var noCache = []string{"no-cache"}
+var (
+ contentType = []string{ContentType}
+ noCache = []string{"no-cache"}
+)
var fieldReplacer = strings.NewReplacer(
"\n", "\\n",
@@ -48,48 +50,48 @@ func Encode(writer io.Writer, event Event) error {
func writeId(w stringWriter, id string) {
if len(id) > 0 {
- w.WriteString("id:")
- fieldReplacer.WriteString(w, id)
- w.WriteString("\n")
+ _, _ = w.WriteString("id:")
+ _, _ = fieldReplacer.WriteString(w, id)
+ _, _ = w.WriteString("\n")
}
}
func writeEvent(w stringWriter, event string) {
if len(event) > 0 {
- w.WriteString("event:")
- fieldReplacer.WriteString(w, event)
- w.WriteString("\n")
+ _, _ = w.WriteString("event:")
+ _, _ = fieldReplacer.WriteString(w, event)
+ _, _ = w.WriteString("\n")
}
}
func writeRetry(w stringWriter, retry uint) {
if retry > 0 {
- w.WriteString("retry:")
- w.WriteString(strconv.FormatUint(uint64(retry), 10))
- w.WriteString("\n")
+ _, _ = w.WriteString("retry:")
+ _, _ = w.WriteString(strconv.FormatUint(uint64(retry), 10))
+ _, _ = w.WriteString("\n")
}
}
func writeData(w stringWriter, data interface{}) error {
- w.WriteString("data:")
+ _, _ = w.WriteString("data:")
bData, ok := data.([]byte)
if ok {
- dataReplacer.WriteString(w, string(bData))
- w.WriteString("\n\n")
+ _, _ = dataReplacer.WriteString(w, string(bData))
+ _, _ = w.WriteString("\n\n")
return nil
}
- switch kindOfData(data) {
+ switch kindOfData(data) { //nolint:exhaustive
case reflect.Struct, reflect.Slice, reflect.Map:
err := json.NewEncoder(w).Encode(data)
if err != nil {
return err
}
- w.WriteString("\n")
+ _, _ = w.WriteString("\n")
default:
- dataReplacer.WriteString(w, fmt.Sprint(data))
- w.WriteString("\n\n")
+ _, _ = dataReplacer.WriteString(w, fmt.Sprint(data))
+ _, _ = w.WriteString("\n\n")
}
return nil
}
diff --git a/vendor/github.com/gin-contrib/sse/writer.go b/vendor/github.com/gin-contrib/sse/writer.go
index 6f9806c55..724d9d07d 100644
--- a/vendor/github.com/gin-contrib/sse/writer.go
+++ b/vendor/github.com/gin-contrib/sse/writer.go
@@ -12,7 +12,7 @@ type stringWrapper struct {
}
func (w stringWrapper) WriteString(str string) (int, error) {
- return w.Writer.Write([]byte(str))
+ return w.Write([]byte(str))
}
func checkWriter(writer io.Writer) stringWriter {
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-02 21:55:32 +0000