func addCORSFromEnv(c *cmdsHttp.ServerConfig) { origin := os.Getenv(originEnvKey) if origin != "" { log.Warning(originEnvKeyDeprecate) if len(c.AllowedOrigins()) == 0 { c.SetAllowedOrigins([]string{origin}...) } c.AppendAllowedOrigins(origin) } }
func addCORSDefaults(c *cmdsHttp.ServerConfig) { // by default use localhost origins if len(c.AllowedOrigins()) == 0 { c.SetAllowedOrigins(defaultLocalhostOrigins...) } // by default, use GET, PUT, POST if len(c.AllowedMethods()) == 0 { c.SetAllowedMethods("GET", "POST", "PUT") } }
func patchCORSVars(c *cmdsHttp.ServerConfig, addr net.Addr) { // we have to grab the port from an addr, which may be an ip6 addr. // TODO: this should take multiaddrs and derive port from there. port := "" if tcpaddr, ok := addr.(*net.TCPAddr); ok { port = strconv.Itoa(tcpaddr.Port) } else if udpaddr, ok := addr.(*net.UDPAddr); ok { port = strconv.Itoa(udpaddr.Port) } // we're listening on tcp/udp with ports. ("udp!?" you say? yeah... it happens...) origins := c.AllowedOrigins() for i, o := range origins { // TODO: allow replacing <host>. tricky, ip4 and ip6 and hostnames... if port != "" { o = strings.Replace(o, "<port>", port, -1) } origins[i] = o } c.SetAllowedOrigins(origins...) }