extern/rclone
1
0
Fork 0
mirror of https://github.com/rclone/rclone.git synced 2025-08-21 10:30:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

http servers: allow CORS to be set with --allow-origin flag - fixes #5078

Browse Source 
Some changes about test cases:
Because MiddlewareCORS will return early on OPTIONS request,
this middleware should only be used once at NewServer function.
Test cases should pass AllowOrigin config instead of adding
this middleware again.

A new test case was added to test CORS preflight request with
an authenticator. Preflight request should always return 200 OK
regardless of autentications.

Co-authored-by: yuudi <yuudi@users.noreply.github.com>
This commit is contained in:
yuudi
2023-07-26 05:15:54 -04:00
committed by GitHub
parent 3ed4a2e963
commit 6c8148ef39
8 changed files with 95 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/http/middleware.go
View File

@@ -181,6 +181,13 @@ func MiddlewareCORS(allowOrigin string) Middleware {
w.Header().Add("Access-Control-Request-Method", "POST, OPTIONS, GET, HEAD")
w.Header().Add("Access-Control-Allow-Headers", "authorization, Content-Type")
if r.Method == "OPTIONS" {
w.WriteHeader(http.StatusOK)
return
// Because CORS preflight OPTIONS requests are not authenticated,
// and require a 200 OK response, we will return early here.
}
next.ServeHTTP(w, r)
})
}