makary/writefreely
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #327 from Dar13/add-cors-headers-public-api

Browse source 
Add CORS header ('Access-Control-Allow-Origin') to public APIs
This commit is contained in:
Matt Baer 2020-09-01 15:01:33 -04:00 committed by GitHub
commit f75d4cb75d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
handle.go
View file

@ -601,6 +601,9 @@ func (h *Handler) AllReader(f handlerFunc) http.HandlerFunc {
log.Info(h.app.ReqLog(r, status, time.Since(start))) log.Info(h.app.ReqLog(r, status, time.Since(start)))
}() }()
// Allow any origin, as public endpoints are handled in here
w.Header().Set("Access-Control-Allow-Origin", "*");
if h.app.App().cfg.App.Private { if h.app.App().cfg.App.Private {
// This instance is private, so ensure it's being accessed by a valid user // This instance is private, so ensure it's being accessed by a valid user
// Check if authenticated with an access token // Check if authenticated with an access token