Skip to content

Commit

Permalink
Merge pull request #43 from openhacku-team-a/fix-middleware-auth-referer
Browse files Browse the repository at this point in the history 
πŸ› Origin -> Referer in middleware/cors
  • Loading branch information
@Shion1305
Shion1305 authored Mar 16, 2024
2 parents 64e7394 + bd58c22 commit a9f8fb6
Showing 1 changed file with 5 additions and 7 deletions.
12 changes: 5 additions & 7 deletions svc/pkg/middleware/cors.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,18 +22,16 @@ func (cr CORS) ConfigureCORS(rg *gin.RouterGroup) {
}

func (cr CORS) middleware() gin.HandlerFunc {
allowedOrigins := []string{cr.targetHost, "http://localhost:3000", "https://localhost:3001"}
allowedOrigins := []string{cr.targetHost, "http://localhost:3000"}
return func(c *gin.Context) {
origin := c.Request.Header.Get("Origin")

var allowedOrigin string
referer := c.Request.Header.Get("Referer")
allowedOrigin := ""
for _, o := range allowedOrigins {
if origin == o {
allowedOrigin = o
if referer == o || referer == o+"/" {
allowedOrigin = referer
break
}
}

c.Header("Access-Control-Allow-Origin", allowedOrigin)
c.Header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
c.Header("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, Authorization")
Expand Down

0 comments on commit a9f8fb6

Please sign in to comment.