58 lines
1.6 KiB
Go
58 lines
1.6 KiB
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/rs/cors"
|
|
)
|
|
|
|
// CORSConfig defines the configuration options for CORS middleware
|
|
type CORSConfig struct {
|
|
// AllowedOrigins defines the origins that are allowed to access the resource
|
|
AllowedOrigins []string
|
|
|
|
// AllowedMethods defines the HTTP methods that are allowed
|
|
AllowedMethods []string
|
|
|
|
// AllowedHeaders defines the headers that are allowed in requests
|
|
AllowedHeaders []string
|
|
|
|
// ExposedHeaders defines the headers that can be read by the browser
|
|
ExposedHeaders []string
|
|
|
|
// AllowCredentials defines whether cookies, HTTP authentication and client SSL
|
|
// certificates can be transmitted in cross-origin requests
|
|
AllowCredentials bool
|
|
|
|
// MaxAge defines how long (in seconds) the results of a preflight request can be cached
|
|
MaxAge int
|
|
}
|
|
|
|
// DefaultCORSConfig returns a default configuration for CORS middleware
|
|
func DefaultCORSConfig() CORSConfig {
|
|
return CORSConfig{
|
|
AllowedOrigins: []string{},
|
|
AllowedMethods: []string{"GET"},
|
|
AllowedHeaders: []string{},
|
|
ExposedHeaders: []string{},
|
|
AllowCredentials: false,
|
|
MaxAge: 0,
|
|
}
|
|
}
|
|
|
|
// CORS middleware handles Cross-Origin Resource Sharing
|
|
func CORS(config CORSConfig) Middleware {
|
|
c := cors.New(cors.Options{
|
|
AllowedOrigins: config.AllowedOrigins,
|
|
AllowedMethods: config.AllowedMethods,
|
|
AllowedHeaders: config.AllowedHeaders,
|
|
ExposedHeaders: config.ExposedHeaders,
|
|
AllowCredentials: config.AllowCredentials,
|
|
MaxAge: config.MaxAge,
|
|
})
|
|
|
|
return func(next http.Handler) http.Handler {
|
|
return c.Handler(next)
|
|
}
|
|
}
|