summaryrefslogtreecommitdiff
path: root/server/middleware/cors.go
diff options
context:
space:
mode:
Diffstat (limited to 'server/middleware/cors.go')
-rw-r--r--server/middleware/cors.go36
1 files changed, 36 insertions, 0 deletions
diff --git a/server/middleware/cors.go b/server/middleware/cors.go
new file mode 100644
index 0000000..641113a
--- /dev/null
+++ b/server/middleware/cors.go
@@ -0,0 +1,36 @@
+package middleware
+
+import "net/http"
+
+func CORS(next http.Handler) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ writeMethods(w, r)
+ writeOrigins(w, r)
+ writeHeaders(w)
+ next.ServeHTTP(w, r)
+ })
+}
+
+func writeMethods(responseWriter http.ResponseWriter, request *http.Request) {
+ method := request.Header.Get("Access-Control-Request-Method")
+ if isPreflight(request) {
+ responseWriter.Header().Add("Access-Control-Allow-Methods", method)
+ }
+}
+
+func writeOrigins(responseWriter http.ResponseWriter, request *http.Request) {
+ origin := request.Header.Get("Origin")
+ if origin == "http://localhost:5173" {
+ responseWriter.Header().Add("Access-Control-Allow-Origin", origin)
+ }
+}
+
+func writeHeaders(responseWriter http.ResponseWriter) {
+ responseWriter.Header().Add("Access-Control-Allow-Headers", "*")
+}
+
+func isPreflight(request *http.Request) bool {
+ return request.Method == "OPTIONS" &&
+ request.Header.Get("Origin") != "" &&
+ request.Header.Get("Access-Control-Request-Method") != ""
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-22 11:04:16 +0000