code.gitea.io/gitea@v1.22.3/modules/setting/cors.go

code.gitea.io/gitea@v1.22.3/modules/setting/cors.go (about)

     1  // Copyright 2019 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package setting
     5  
     6  import (
     7  	"time"
     8  
     9  	"code.gitea.io/gitea/modules/log"
    10  )
    11  
    12  // CORSConfig defines CORS settings
    13  var CORSConfig = struct {
    14  	Enabled          bool
    15  	AllowDomain      []string // FIXME: this option is from legacy code, it actually works as "AllowedOrigins". When refactoring in the future, the config option should also be renamed together.
    16  	Methods          []string
    17  	MaxAge           time.Duration
    18  	AllowCredentials bool
    19  	Headers          []string
    20  	XFrameOptions    string
    21  }{
    22  	AllowDomain:   []string{"*"},
    23  	Methods:       []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"},
    24  	Headers:       []string{"Content-Type", "User-Agent"},
    25  	MaxAge:        10 * time.Minute,
    26  	XFrameOptions: "SAMEORIGIN",
    27  }
    28  
    29  func loadCorsFrom(rootCfg ConfigProvider) {
    30  	mustMapSetting(rootCfg, "cors", &CORSConfig)
    31  	if CORSConfig.Enabled {
    32  		log.Info("CORS Service Enabled")
    33  	}
    34  }