forgejo/modules/setting/cors.go

35 lines
973 B
Go
Raw Normal View History

2019-05-13 17:38:53 +02:00
// Copyright 2019 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
2019-05-13 17:38:53 +02:00
package setting
import (
"time"
"code.gitea.io/gitea/modules/log"
)
// CORSConfig defines CORS settings
var CORSConfig = struct {
Enabled bool
AllowDomain []string // FIXME: this option is from legacy code, it actually works as "AllowedOrigins". When refactoring in the future, the config option should also be renamed together.
Methods []string
MaxAge time.Duration
AllowCredentials bool
Headers []string
XFrameOptions string
}{
AllowDomain: []string{"*"},
Methods: []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"},
Headers: []string{"Content-Type", "User-Agent"},
MaxAge: 10 * time.Minute,
XFrameOptions: "SAMEORIGIN",
}
2019-05-13 17:38:53 +02:00
func loadCorsFrom(rootCfg ConfigProvider) {
mustMapSetting(rootCfg, "cors", &CORSConfig)
if CORSConfig.Enabled {
2019-05-13 17:38:53 +02:00
log.Info("CORS Service Enabled")
}
}