diff options
author | Daniel Baumann <daniel@debian.org> | 2024-10-18 20:33:49 +0200 |
---|---|---|
committer | Daniel Baumann <daniel@debian.org> | 2024-10-18 20:33:49 +0200 |
commit | dd136858f1ea40ad3c94191d647487fa4f31926c (patch) | |
tree | 58fec94a7b2a12510c9664b21793f1ed560c6518 /modules/setting/cors.go | |
parent | Initial commit. (diff) | |
download | forgejo-ef5d5baef09ca06d3e8d67f7a39f7c57e6671b5b.tar.xz forgejo-ef5d5baef09ca06d3e8d67f7a39f7c57e6671b5b.zip |
Adding upstream version 9.0.0.HEADupstream/9.0.0upstreamdebian
Signed-off-by: Daniel Baumann <daniel@debian.org>
Diffstat (limited to '')
-rw-r--r-- | modules/setting/cors.go | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/modules/setting/cors.go b/modules/setting/cors.go new file mode 100644 index 0000000..63daaad --- /dev/null +++ b/modules/setting/cors.go @@ -0,0 +1,34 @@ +// Copyright 2019 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package setting + +import ( + "time" + + "code.gitea.io/gitea/modules/log" +) + +// CORSConfig defines CORS settings +var CORSConfig = struct { + Enabled bool + AllowDomain []string // FIXME: this option is from legacy code, it actually works as "AllowedOrigins". When refactoring in the future, the config option should also be renamed together. + Methods []string + MaxAge time.Duration + AllowCredentials bool + Headers []string + XFrameOptions string +}{ + AllowDomain: []string{"*"}, + Methods: []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"}, + Headers: []string{"Content-Type", "User-Agent"}, + MaxAge: 10 * time.Minute, + XFrameOptions: "SAMEORIGIN", +} + +func loadCorsFrom(rootCfg ConfigProvider) { + mustMapSetting(rootCfg, "cors", &CORSConfig) + if CORSConfig.Enabled { + log.Info("CORS Service Enabled") + } +} |