Mirrors/kararas_iris
1
0
Fork 0
mirror of https://github.com/kataras/iris.git synced 2025-12-17 09:57:01 +00:00
Code Releases Activity

cors: add vary header

Browse Source 
looking for a CORS middleware with more options? Take a look at iris-contrib/middleware/cors instead
This commit is contained in:
Gerasimos (Makis) Maropoulos
2022-03-03 02:31:01 +02:00
parent da50af4ffd
commit f397c30caf
2 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -2,7 +2,7 @@
# News
> This is the under-**development branch**. Stay tuned for the upcoming release [v12.2.0](HISTORY.md#Next). Looking for a stable release? Head over to the [v12.1.8 branch](https://github.com/kataras/iris/tree/v12.1.8) instead.
> This is the under-**development branch** - contains the latest and greatest features. Stay tuned for the upcoming release [v12.2.0](HISTORY.md#Next). Looking for a more stable release? Head over to the [v12.1.8 branch](https://github.com/kataras/iris/tree/v12.1.8) instead.
>
> ![](https://iris-go.com/images/cli.png) Try the official [Iris Command Line Interface](https://github.com/kataras/iris-cli) today!

23
middleware/cors/cors.go
View File

@@ -267,17 +267,30 @@ const (
allowCredentialsHeader = "Access-Control-Allow-Credentials"
referrerPolicyHeader = "Referrer-Policy"
exposeHeadersHeader = "Access-Control-Expose-Headers"
allowMethodsHeader = "Access-Control-Allow-Methods"
allowAllMethodsValue = "*"
allowHeadersHeader = "Access-Control-Allow-Headers"
maxAgeHeader = "Access-Control-Max-Age"
requestMethodHeader = "Access-Control-Request-Method"
requestHeadersHeader = "Access-Control-Request-Headers"
allowMethodsHeader = "Access-Control-Allow-Methods"
allowAllMethodsValue = "*"
allowHeadersHeader = "Access-Control-Allow-Headers"
maxAgeHeader = "Access-Control-Max-Age"
varyHeader = "Vary"
)
func (c *CORS) addVaryHeaders(ctx *context.Context) {
ctx.Header(varyHeader, originRequestHeader)
if ctx.Method() == http.MethodOptions {
ctx.Header(varyHeader, requestMethodHeader)
ctx.Header(varyHeader, requestHeadersHeader)
}
}
// Handler method returns the Iris CORS Handler with basic features.
// Note that the caller should NOT modify any of the CORS instance fields afterwards.
func (c *CORS) Handler() context.Handler {
return func(ctx *context.Context) {
c.addVaryHeaders(ctx) // add vary headers at any case.
origin, ok := c.extractOriginFunc(ctx)
if !ok || !c.allowOriginFunc(ctx, origin) {
c.errorHandler(ctx, ErrOriginNotAllowed)