Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CORs headers and OPTIONS support #14

Open
2 tasks done
austinpray opened this issue Jun 13, 2015 · 3 comments
Open
2 tasks done

Add CORs headers and OPTIONS support #14

austinpray opened this issue Jun 13, 2015 · 3 comments
Assignees
@austinpray
Milestone
1.0.0

Comments

@austinpray
Copy link
Member

ty @jhliberty

  • CORs
  • OPTIONS middleware
@austinpray austinpray changed the title Add CORs headers Add CORs headers and OPTIONS support Jun 13, 2015
@austinpray austinpray self-assigned this Jun 13, 2015
@austinpray austinpray added this to the 1.0.0 milestone Jun 14, 2015
@austinpray
Copy link
Member Author

Almost forgot that we should not be using the * options for the Access-Control-Allow-Origin header. http://www.w3.org/TR/cors/#security

return func(w http.ResponseWriter, r *http.Request) {
        if origin := r.Header.Get("Origin"); origin != "" {
            w.Header().Set("Access-Control-Allow-Origin", origin)
        }
}

@austinpray
Copy link
Member Author

To support OPTIONS we could create a simple lambda that returns a preflight response handler

Then do

router.HandleFunc("/current_action", GetCurrentAction).Methods("GET")
router.HandleFunc("/current_action", NewPreFlightHandler("GET")).Methods("OPTIONS")

And then for more complicated endpoints

router.HandleFunc("/complicated", GetComplicated).Methods("GET")
router.HandleFunc("/complicated", CreateComplicated).Methods("POST")
router.HandleFunc("/complicated", NewPreFlightHandler("GET", "POST")).Methods("OPTIONS")

@austinpray
Copy link
Member Author

I think this works but it needs to be added to the other endpoints

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@austinpray austinpray

Labels
None yet
Projects
None yet
Milestone
1.0.0
Development

No branches or pull requests
1 participant
@austinpray