test cors fuck

2026-06-04 09:02:56 +00:00 · 2025-06-15 18:56:27 +02:00
parent be771cfe93
commit 99fd524266
1 changed files with 35 additions and 1 deletions
@@ -65,8 +65,42 @@ func sendHandler(w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte("Email sent successfully"))
 }

+func enableCors(handler http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		origin := r.Header.Get("Origin")
+
+		// Allow localhost development URLs
+		if strings.HasPrefix(origin, "http://localhost:") ||
+			strings.HasPrefix(origin, "http://127.0.0.1:") {
+			w.Header().Set("Access-Control-Allow-Origin", origin)
+			w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
+			w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
+		} else {
+			// Check production domains
+			cleanOrigin := strings.TrimPrefix(strings.TrimPrefix(origin, "http://"), "https://")
+			cleanOrigin = strings.Split(cleanOrigin, "/")[0]
+
+			// Check if the origin's domain is in our domain map
+			_, allowed := domainMap[cleanOrigin]
+			if allowed {
+				w.Header().Set("Access-Control-Allow-Origin", origin)
+				w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
+				w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
+			}
+		}
+
+		// Handle preflight requests
+		if r.Method == http.MethodOptions {
+			w.WriteHeader(http.StatusOK)
+			return
+		}
+
+		handler(w, r)
+	}
+}
+
 func main() {
-	http.HandleFunc("/send", sendHandler)
+	http.HandleFunc("/send", enableCors(sendHandler))
 	log.Println("Server running on :8080")
 	log.Fatal(http.ListenAndServe(":8080", nil))
 }