mirror of
https://codeberg.org/Codeberg/pages-server.git
synced 2024-12-02 21:45:27 +00:00
Fix CORS / add Access-Control-Allow-Origin * to all methods (#69)
The header is not only necessary on the OPTIONS request, but on any method, so I removed the condition. Serving any workadventure map was broken BTW. We should have tested this :-( Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/69 Reviewed-by: Andreas Shimokawa <ashimokawa@noreply.codeberg.org> Co-authored-by: Otto Richter <otto@codeberg.org> Co-committed-by: Otto Richter <otto@codeberg.org>
This commit is contained in:
parent
1e4dfe2ae8
commit
a2c5376d9a
@ -54,7 +54,6 @@ func Handler(mainDomainSuffix, rawDomain []byte,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Allow CORS for specified domains
|
// Allow CORS for specified domains
|
||||||
if ctx.IsOptions() {
|
|
||||||
allowCors := false
|
allowCors := false
|
||||||
for _, allowedCorsDomain := range allowedCorsDomains {
|
for _, allowedCorsDomain := range allowedCorsDomains {
|
||||||
if bytes.Equal(trimmedHost, allowedCorsDomain) {
|
if bytes.Equal(trimmedHost, allowedCorsDomain) {
|
||||||
@ -67,6 +66,7 @@ func Handler(mainDomainSuffix, rawDomain []byte,
|
|||||||
ctx.Response.Header.Set("Access-Control-Allow-Methods", "GET, HEAD")
|
ctx.Response.Header.Set("Access-Control-Allow-Methods", "GET, HEAD")
|
||||||
}
|
}
|
||||||
ctx.Response.Header.Set("Allow", "GET, HEAD, OPTIONS")
|
ctx.Response.Header.Set("Allow", "GET, HEAD, OPTIONS")
|
||||||
|
if ctx.IsOptions() {
|
||||||
ctx.Response.Header.SetStatusCode(fasthttp.StatusNoContent)
|
ctx.Response.Header.SetStatusCode(fasthttp.StatusNoContent)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user