TDvorak/SendMail
1
0
Fork 0
mirror of https://github.com/Dvorinka/SendMail.git synced 2026-06-03 16:42:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

cors

Browse Source
This commit is contained in:
Tomas Dvorak
2025-06-15 19:04:53 +02:00
parent 99fd524266
commit 2ca229d148
1 changed files with 5 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
main.go
+5 -19
View File
@@ -67,26 +67,12 @@ func sendHandler(w http.ResponseWriter, r *http.Request) {
func enableCors(handler http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
// Allow all origins
origin := r.Header.Get("Origin")
// Allow localhost development URLs
if strings.HasPrefix(origin, "http://localhost:") ||
strings.HasPrefix(origin, "http://127.0.0.1:") {
w.Header().Set("Access-Control-Allow-Origin", origin)
w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
} else {
// Check production domains
cleanOrigin := strings.TrimPrefix(strings.TrimPrefix(origin, "http://"), "https://")
cleanOrigin = strings.Split(cleanOrigin, "/")[0]
// Check if the origin's domain is in our domain map
_, allowed := domainMap[cleanOrigin]
if allowed {
w.Header().Set("Access-Control-Allow-Origin", origin)
w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
}
if origin != "" {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, Authorization")
}
// Handle preflight requests