Function to set Simple CORS headers
(c fiber.Ctx, allowOrigin string, cfg *Config)
| 207 | |
| 208 | // Function to set Simple CORS headers |
| 209 | func setSimpleHeaders(c fiber.Ctx, allowOrigin string, cfg *Config) { |
| 210 | if cfg == nil { |
| 211 | return |
| 212 | } |
| 213 | |
| 214 | if cfg.AllowCredentials { |
| 215 | // When AllowCredentials is true, set the Access-Control-Allow-Origin to the specific origin instead of '*' |
| 216 | if allowOrigin == "*" { |
| 217 | c.Set(fiber.HeaderAccessControlAllowOrigin, allowOrigin) |
| 218 | log.Warn("[CORS] 'AllowCredentials' is true, but 'AllowOrigins' cannot be set to '*'.") |
| 219 | } else if allowOrigin != "" { |
| 220 | c.Set(fiber.HeaderAccessControlAllowOrigin, allowOrigin) |
| 221 | c.Set(fiber.HeaderAccessControlAllowCredentials, "true") |
| 222 | } |
| 223 | } else if allowOrigin != "" { |
| 224 | // For non-credential requests, it's safe to set to '*' or specific origins |
| 225 | c.Set(fiber.HeaderAccessControlAllowOrigin, allowOrigin) |
| 226 | } |
| 227 | |
| 228 | // Set Expose-Headers if not empty |
| 229 | if len(cfg.ExposeHeaders) > 0 { |
| 230 | c.Set(fiber.HeaderAccessControlExposeHeaders, strings.Join(cfg.ExposeHeaders, ", ")) |
| 231 | } |
| 232 | } |
| 233 | |
| 234 | // Function to set Preflight CORS headers |
| 235 | func setPreflightHeaders(c fiber.Ctx, allowOrigin, maxAge string, cfg *Config) { |