Writefreely/writefreely
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #327 from Dar13/add-cors-headers-public-api

Browse Source 
Add CORS header ('Access-Control-Allow-Origin') to public APIs
This commit is contained in:
Matt Baer 2020-09-01 15:01:33 -04:00 committed by GitHub
commit f75d4cb75d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
handle.go
View File

@ -601,6 +601,9 @@ func (h *Handler) AllReader(f handlerFunc) http.HandlerFunc {
log.Info(h.app.ReqLog(r, status, time.Since(start)))
}()
// Allow any origin, as public endpoints are handled in here
w.Header().Set("Access-Control-Allow-Origin", "*");
if h.app.App().cfg.App.Private {
// This instance is private, so ensure it's being accessed by a valid user
// Check if authenticated with an access token