MCPcopy Index your code
hub / github.com/coder/coder / determineCORSBehavior

Method determineCORSBehavior

coderd/workspaceapps/proxy.go:363–390  ·  view source on GitHub ↗

determineCORSBehavior examines the given token and conditionally applies CORS middleware if the token specifies that behavior.

(token *SignedToken, app appurl.ApplicationURL)

Source from the content-addressed store, hash-verified

361// determineCORSBehavior examines the given token and conditionally applies
362// CORS middleware if the token specifies that behavior.
363func (s *Server) determineCORSBehavior(token *SignedToken, app appurl.ApplicationURL) func(http.Handler) http.Handler {
364 return func(next http.Handler) http.Handler {
365 // Create the CORS middleware handler upfront.
366 corsHandler := httpmw.WorkspaceAppCors(s.HostnameRegex, app)(next)
367
368 return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
369 var behavior codersdk.CORSBehavior
370 if token != nil {
371 behavior = token.CORSBehavior
372 }
373
374 // Add behavior to context regardless of which handler we use,
375 // since we will use this later on to determine if we should strip
376 // CORS headers in the response.
377 r = r.WithContext(cors.WithBehavior(r.Context(), behavior))
378
379 switch behavior {
380 case codersdk.CORSBehaviorPassthru:
381 // Bypass the CORS middleware.
382 next.ServeHTTP(rw, r)
383 return
384 default:
385 // Apply the CORS middleware.
386 corsHandler.ServeHTTP(rw, r)
387 }
388 })
389 }
390}
391
392// HandleSubdomain handles subdomain-based application proxy requests (aka.
393// DevURLs in Coder V1).

Callers 1

HandleSubdomainMethod · 0.95

Calls 5

WorkspaceAppCorsFunction · 0.92
WithBehaviorFunction · 0.92
WithContextMethod · 0.80
ContextMethod · 0.65
ServeHTTPMethod · 0.45

Tested by

no test coverage detected