From e68b9d00a6e05b3a941f63ffb696f91e554ac5ec Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 18 Oct 2024 20:33:49 +0200 Subject: Adding upstream version 9.0.3. Signed-off-by: Daniel Baumann --- modules/setting/cors.go | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 modules/setting/cors.go (limited to 'modules/setting/cors.go') diff --git a/modules/setting/cors.go b/modules/setting/cors.go new file mode 100644 index 0000000..63daaad --- /dev/null +++ b/modules/setting/cors.go @@ -0,0 +1,34 @@ +// Copyright 2019 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package setting + +import ( + "time" + + "code.gitea.io/gitea/modules/log" +) + +// CORSConfig defines CORS settings +var CORSConfig = struct { + Enabled bool + AllowDomain []string // FIXME: this option is from legacy code, it actually works as "AllowedOrigins". When refactoring in the future, the config option should also be renamed together. + Methods []string + MaxAge time.Duration + AllowCredentials bool + Headers []string + XFrameOptions string +}{ + AllowDomain: []string{"*"}, + Methods: []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"}, + Headers: []string{"Content-Type", "User-Agent"}, + MaxAge: 10 * time.Minute, + XFrameOptions: "SAMEORIGIN", +} + +func loadCorsFrom(rootCfg ConfigProvider) { + mustMapSetting(rootCfg, "cors", &CORSConfig) + if CORSConfig.Enabled { + log.Info("CORS Service Enabled") + } +} -- cgit v1.2.3