Merge pull request #253 from philips/add-Access-Control-Allow-Methods

fix(handlers): add Access-Control-Allow-Methods to cors
2024-09-27 06:25:44 +00:00 · 2013-10-23 14:04:22 -07:00
parent c697767c47 55f9045561
commit 9ed2776639
1 changed files with 12 additions and 9 deletions
--- a/etcd_handlers.go
+++ b/etcd_handlers.go
@@ -53,18 +53,21 @@ type errorHandler func(http.ResponseWriter, *http.Request) error
 // provided allowed origins and sets the Access-Control-Allow-Origin header if
 // there is a match.
 func addCorsHeader(w http.ResponseWriter, r *http.Request) {
-	val, ok := corsList["*"]
-	if val && ok {
-		w.Header().Add("Access-Control-Allow-Origin", "*")
+	addHeaders := func(origin string) bool {
+		val, ok := corsList[origin]
+		if val == false || ok == false {
+			return false
+		}
+		w.Header().Add("Access-Control-Allow-Origin", origin)
+		w.Header().Add("Access-Control-Allow-Methods", "POST, GET, PUT, DELETE, OPTIONS")
+		return true
+	}
+
+	if addHeaders("*") == true {
 		return
 	}

-	requestOrigin := r.Header.Get("Origin")
-	val, ok = corsList[requestOrigin]
-	if val && ok {
-		w.Header().Add("Access-Control-Allow-Origin", requestOrigin)
-		return
-	}
+	addHeaders(r.Header.Get("Origin"))
 }

 func (fn errorHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {