summaryrefslogtreecommitdiffstats
path: root/modules/setting/cors.go
diff options
context:
space:
mode:
authorDaniel Baumann <daniel@debian.org>2024-10-18 20:33:49 +0200
committerDaniel Baumann <daniel@debian.org>2024-12-12 23:57:56 +0100
commite68b9d00a6e05b3a941f63ffb696f91e554ac5ec (patch)
tree97775d6c13b0f416af55314eb6a89ef792474615 /modules/setting/cors.go
parentInitial commit. (diff)
downloadforgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.tar.xz
forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.zip
Adding upstream version 9.0.3.
Signed-off-by: Daniel Baumann <daniel@debian.org>
Diffstat (limited to '')
-rw-r--r--modules/setting/cors.go34
1 files changed, 34 insertions, 0 deletions
diff --git a/modules/setting/cors.go b/modules/setting/cors.go
new file mode 100644
index 0000000..63daaad
--- /dev/null
+++ b/modules/setting/cors.go
@@ -0,0 +1,34 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package setting
+
+import (
+ "time"
+
+ "code.gitea.io/gitea/modules/log"
+)
+
+// CORSConfig defines CORS settings
+var CORSConfig = struct {
+ Enabled bool
+ AllowDomain []string // FIXME: this option is from legacy code, it actually works as "AllowedOrigins". When refactoring in the future, the config option should also be renamed together.
+ Methods []string
+ MaxAge time.Duration
+ AllowCredentials bool
+ Headers []string
+ XFrameOptions string
+}{
+ AllowDomain: []string{"*"},
+ Methods: []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"},
+ Headers: []string{"Content-Type", "User-Agent"},
+ MaxAge: 10 * time.Minute,
+ XFrameOptions: "SAMEORIGIN",
+}
+
+func loadCorsFrom(rootCfg ConfigProvider) {
+ mustMapSetting(rootCfg, "cors", &CORSConfig)
+ if CORSConfig.Enabled {
+ log.Info("CORS Service Enabled")
+ }
+}