Fix logic error for when setting allowedAllOrigins and allowedCredentials
`Access-Control-Allow-Origin` should returning `Origin` originally of requests when allowCredentials and allowAllOrigins.
This commit is contained in:
parent
d075cad469
commit
dbbc835584
@ -8,6 +8,7 @@ import (
|
|||||||
|
|
||||||
type cors struct {
|
type cors struct {
|
||||||
allowAllOrigins bool
|
allowAllOrigins bool
|
||||||
|
allowCredentials bool
|
||||||
allowOriginFunc func(string) bool
|
allowOriginFunc func(string) bool
|
||||||
allowOrigins []string
|
allowOrigins []string
|
||||||
exposeHeaders []string
|
exposeHeaders []string
|
||||||
@ -22,6 +23,7 @@ func newCors(config Config) *cors {
|
|||||||
return &cors{
|
return &cors{
|
||||||
allowOriginFunc: config.AllowOriginFunc,
|
allowOriginFunc: config.AllowOriginFunc,
|
||||||
allowAllOrigins: config.AllowAllOrigins,
|
allowAllOrigins: config.AllowAllOrigins,
|
||||||
|
allowCredentials: config.AllowCredentials,
|
||||||
allowOrigins: normalize(config.AllowOrigins),
|
allowOrigins: normalize(config.AllowOrigins),
|
||||||
normalHeaders: generateNormalHeaders(config),
|
normalHeaders: generateNormalHeaders(config),
|
||||||
preflightHeaders: generatePreflightHeaders(config),
|
preflightHeaders: generatePreflightHeaders(config),
|
||||||
@ -46,7 +48,7 @@ func (cors *cors) applyCors(c *gin.Context) {
|
|||||||
cors.handleNormal(c)
|
cors.handleNormal(c)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !cors.allowAllOrigins {
|
if !cors.allowAllOrigins && !cors.allowCredentials {
|
||||||
c.Header("Access-Control-Allow-Origin", origin)
|
c.Header("Access-Control-Allow-Origin", origin)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user