Mirroristas/owncast
2
0
Fork 0
mirror of https://github.com/owncast/owncast.git synced 2024-10-10 19:16:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Explicitly add CORS wildcard on all OPTIONS requests

Browse Source
This commit is contained in:
Gabe Kangas 2021-07-28 12:47:15 -07:00
parent 509c658080
commit 810b0cd5da
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
router/middleware/auth.go
View File

@ -58,6 +58,8 @@ func RequireExternalAPIAccessToken(scope string, handler ExternalAccessTokenHand
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// We should accept 3rd party preflight OPTIONS requests. // We should accept 3rd party preflight OPTIONS requests.
if r.Method == "OPTIONS" { if r.Method == "OPTIONS" {
// All OPTIONS requests should have a wildcard CORS header.
w.Header().Set("Access-Control-Allow-Origin", "*")
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusOK)
return return
} }
@ -77,7 +79,7 @@ func RequireExternalAPIAccessToken(scope string, handler ExternalAccessTokenHand
return return
} }
// All valid 3rd party requests should have a wildcard CORS header. // All auth'ed 3rd party requests should have a wildcard CORS header.
w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Access-Control-Allow-Origin", "*")
handler(*integration, w, r) handler(*integration, w, r)