summaryrefslogtreecommitdiffstats
path: root/modules/setting/cors.go
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--modules/setting/cors.go34
1 files changed, 34 insertions, 0 deletions
diff --git a/modules/setting/cors.go b/modules/setting/cors.go
new file mode 100644
index 0000000..63daaad
--- /dev/null
+++ b/modules/setting/cors.go
@@ -0,0 +1,34 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package setting
+
+import (
+ "time"
+
+ "code.gitea.io/gitea/modules/log"
+)
+
+// CORSConfig defines CORS settings
+var CORSConfig = struct {
+ Enabled bool
+ AllowDomain []string // FIXME: this option is from legacy code, it actually works as "AllowedOrigins". When refactoring in the future, the config option should also be renamed together.
+ Methods []string
+ MaxAge time.Duration
+ AllowCredentials bool
+ Headers []string
+ XFrameOptions string
+}{
+ AllowDomain: []string{"*"},
+ Methods: []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"},
+ Headers: []string{"Content-Type", "User-Agent"},
+ MaxAge: 10 * time.Minute,
+ XFrameOptions: "SAMEORIGIN",
+}
+
+func loadCorsFrom(rootCfg ConfigProvider) {
+ mustMapSetting(rootCfg, "cors", &CORSConfig)
+ if CORSConfig.Enabled {
+ log.Info("CORS Service Enabled")
+ }
+}