allowCORS allows Cross Origin Resource Sharing from any origin. Don't do this without consideration in production systems.
(h http.Handler)
| 33 | // allowCORS allows Cross Origin Resource Sharing from any origin. |
| 34 | // Don't do this without consideration in production systems. |
| 35 | func allowCORS(h http.Handler) http.Handler { |
| 36 | return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 37 | if origin := r.Header.Get("Origin"); origin != "" { |
| 38 | w.Header().Set("Access-Control-Allow-Origin", origin) |
| 39 | if r.Method == "OPTIONS" && r.Header.Get("Access-Control-Request-Method") != "" { |
| 40 | preflightHandler(w, r) |
| 41 | return |
| 42 | } |
| 43 | } |
| 44 | h.ServeHTTP(w, r) |
| 45 | }) |
| 46 | } |
| 47 | |
| 48 | // preflightHandler adds the necessary headers in order to serve |
| 49 | // CORS from any origin using the methods "GET", "HEAD", "POST", "PUT", "DELETE" |
no test coverage detected