2019-05-13 10:38:53 -05:00
// Copyright 2019 The Gitea Authors. All rights reserved.
2022-11-27 13:20:29 -05:00
// SPDX-License-Identifier: MIT
2019-05-13 10:38:53 -05:00
package setting
import (
"time"
"code.gitea.io/gitea/modules/log"
)
2022-01-20 12:46:10 -05:00
// CORSConfig defines CORS settings
var CORSConfig = struct {
Enabled bool
2023-12-25 07:13:18 -05:00
AllowDomain [ ] string // FIXME: this option is from legacy code, it actually works as "AllowedOrigins". When refactoring in the future, the config option should also be renamed together.
2022-01-20 12:46:10 -05:00
Methods [ ] string
MaxAge time . Duration
AllowCredentials bool
2022-11-11 01:39:27 -05:00
Headers [ ] string
2022-01-20 12:46:10 -05:00
XFrameOptions string
} {
2023-04-19 14:30:10 -05:00
AllowDomain : [ ] string { "*" } ,
Methods : [ ] string { "GET" , "HEAD" , "POST" , "PUT" , "PATCH" , "DELETE" , "OPTIONS" } ,
2022-11-11 01:39:27 -05:00
Headers : [ ] string { "Content-Type" , "User-Agent" } ,
2023-04-19 14:30:10 -05:00
MaxAge : 10 * time . Minute ,
2022-01-20 12:46:10 -05:00
XFrameOptions : "SAMEORIGIN" ,
}
2019-05-13 10:38:53 -05:00
2023-02-19 11:12:01 -05:00
func loadCorsFrom ( rootCfg ConfigProvider ) {
mustMapSetting ( rootCfg , "cors" , & CORSConfig )
2020-01-29 02:47:46 -05:00
if CORSConfig . Enabled {
2019-05-13 10:38:53 -05:00
log . Info ( "CORS Service Enabled" )
}
}