mirrors/owncast
1
0
Fork 0
mirror of https://github.com/owncast/owncast.git synced 2024-11-22 04:40:37 +03:00
Code Issues Projects Releases Packages Wiki Activity

Explicitly add CORS wildcard on all OPTIONS requests

Browse source
This commit is contained in:
Gabe Kangas 2021-07-28 12:47:15 -07:00
parent 509c658080
commit 810b0cd5da
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
router/middleware/auth.go
View file

@ -58,6 +58,8 @@ func RequireExternalAPIAccessToken(scope string, handler ExternalAccessTokenHand
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// We should accept 3rd party preflight OPTIONS requests.
if r.Method == "OPTIONS" {
// All OPTIONS requests should have a wildcard CORS header.
w.Header().Set("Access-Control-Allow-Origin", "*")
w.WriteHeader(http.StatusOK)
return
}
@ -77,7 +79,7 @@ func RequireExternalAPIAccessToken(scope string, handler ExternalAccessTokenHand
return
}
// All valid 3rd party requests should have a wildcard CORS header.
// All auth'ed 3rd party requests should have a wildcard CORS header.
w.Header().Set("Access-Control-Allow-Origin", "*")
handler(*integration, w, r)