2019-05-13 17:38:53 +02:00
|
|
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
2022-11-27 19:20:29 +01:00
|
|
|
// SPDX-License-Identifier: MIT
|
2019-05-13 17:38:53 +02:00
|
|
|
|
|
|
|
package setting
|
|
|
|
|
|
|
|
import (
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"code.gitea.io/gitea/modules/log"
|
|
|
|
)
|
|
|
|
|
2022-01-20 18:46:10 +01:00
|
|
|
// CORSConfig defines CORS settings
|
|
|
|
var CORSConfig = struct {
|
|
|
|
Enabled bool
|
|
|
|
Scheme string
|
|
|
|
AllowDomain []string
|
|
|
|
AllowSubdomain bool
|
|
|
|
Methods []string
|
|
|
|
MaxAge time.Duration
|
|
|
|
AllowCredentials bool
|
2022-11-11 07:39:27 +01:00
|
|
|
Headers []string
|
2022-01-20 18:46:10 +01:00
|
|
|
XFrameOptions string
|
|
|
|
}{
|
2023-04-19 22:23:25 +02:00
|
|
|
AllowDomain: []string{"*"},
|
|
|
|
Methods: []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"},
|
2022-11-11 07:39:27 +01:00
|
|
|
Headers: []string{"Content-Type", "User-Agent"},
|
2023-04-19 22:23:25 +02:00
|
|
|
MaxAge: 10 * time.Minute,
|
2022-01-20 18:46:10 +01:00
|
|
|
XFrameOptions: "SAMEORIGIN",
|
|
|
|
}
|
2019-05-13 17:38:53 +02:00
|
|
|
|
2023-02-19 17:12:01 +01:00
|
|
|
func loadCorsFrom(rootCfg ConfigProvider) {
|
|
|
|
mustMapSetting(rootCfg, "cors", &CORSConfig)
|
2020-01-29 08:47:46 +01:00
|
|
|
if CORSConfig.Enabled {
|
2019-05-13 17:38:53 +02:00
|
|
|
log.Info("CORS Service Enabled")
|
|
|
|
}
|
|
|
|
}
|