JoBoEVD/codapi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: access-control-allow-methods header naming and value

Browse Source
This commit is contained in:
Anton
2023-12-20 11:12:06 +05:00
parent 69d022c061
commit 162ca55092
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/server/middleware.go
View File

@@ -7,7 +7,7 @@ import "net/http"
func enableCORS(handler func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("access-control-allow-origin", "*")
w.Header().Set("access-control-allow-method", "post")
w.Header().Set("access-control-allow-methods", "options, post")
w.Header().Set("access-control-allow-headers", "authorization, content-type")
w.Header().Set("access-control-max-age", "3600")
if r.Method == http.MethodOptions {

4
internal/server/middleware_test.go
View File

@@ -31,8 +31,8 @@ func Test_enableCORS(t *testing.T) {
if w.Header().Get("access-control-allow-origin") != "*" {
t.Errorf("invalid access-control-allow-origin")
}
if w.Header().Get("access-control-allow-method") != "post" {
t.Errorf("invalid access-control-allow-method")
if w.Header().Get("access-control-allow-methods") != "options, post" {
t.Errorf("invalid access-control-allow-methods")
}
if w.Header().Get("access-control-allow-headers") != "authorization, content-type" {
t.Errorf("invalid access-control-allow-headers")