diff options
| author | Daniel Baumann <daniel@debian.org> | 2024-10-18 20:33:49 +0200 |
|---|---|---|
| committer | Daniel Baumann <daniel@debian.org> | 2024-12-12 23:57:56 +0100 |
| commit | e68b9d00a6e05b3a941f63ffb696f91e554ac5ec (patch) | |
| tree | 97775d6c13b0f416af55314eb6a89ef792474615 /modules/setting/cors.go | |
| parent | Initial commit. (diff) | |
| download | forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.tar.xz forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.zip | |
Adding upstream version 9.0.3.
Signed-off-by: Daniel Baumann <daniel@debian.org>
Diffstat (limited to 'modules/setting/cors.go')
| -rw-r--r-- | modules/setting/cors.go | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/modules/setting/cors.go b/modules/setting/cors.go new file mode 100644 index 0000000..63daaad --- /dev/null +++ b/modules/setting/cors.go @@ -0,0 +1,34 @@ +// Copyright 2019 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package setting + +import ( + "time" + + "code.gitea.io/gitea/modules/log" +) + +// CORSConfig defines CORS settings +var CORSConfig = struct { + Enabled bool + AllowDomain []string // FIXME: this option is from legacy code, it actually works as "AllowedOrigins". When refactoring in the future, the config option should also be renamed together. + Methods []string + MaxAge time.Duration + AllowCredentials bool + Headers []string + XFrameOptions string +}{ + AllowDomain: []string{"*"}, + Methods: []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"}, + Headers: []string{"Content-Type", "User-Agent"}, + MaxAge: 10 * time.Minute, + XFrameOptions: "SAMEORIGIN", +} + +func loadCorsFrom(rootCfg ConfigProvider) { + mustMapSetting(rootCfg, "cors", &CORSConfig) + if CORSConfig.Enabled { + log.Info("CORS Service Enabled") + } +} |