http servers: allow CORS to be set with --allow-origin flag - fixes #5078

Some changes about test cases: Because MiddlewareCORS will return early on OPTIONS request, this middleware should only be used once at NewServer function. Test cases should pass AllowOrigin config instead of adding this middleware again. A new test case was added to test CORS preflight request with an authenticator. Preflight request should always return 200 OK regardless of autentications. Co-authored-by: yuudi <yuudi@users.noreply.github.com>
2025-08-19 01:46:31 +02:00 · 2023-07-26 05:15:54 -04:00
parent 3ed4a2e963
commit 6c8148ef39
8 changed files with 95 additions and 75 deletions
--- a/lib/http/server_test.go
+++ b/lib/http/server_test.go
@@ -82,8 +82,6 @@ func TestNewServerUnix(t *testing.T) {

 	require.Empty(t, s.URLs(), "unix socket should not appear in URLs")

-	s.Router().Use(MiddlewareCORS(""))
-
 	expected := []byte("hello world")
 	s.Router().Mount("/", testEchoHandler(expected))
 	s.Serve()