34 lines
1.1 KiB
Go
34 lines
1.1 KiB
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/Sirupsen/logrus"
|
|
"github.com/docker/docker/api/server/httputils"
|
|
"golang.org/x/net/context"
|
|
)
|
|
|
|
// NewCORSMiddleware creates a new CORS middleware.
|
|
func NewCORSMiddleware(defaultHeaders string) Middleware {
|
|
return func(handler httputils.APIFunc) httputils.APIFunc {
|
|
return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
|
|
// If "api-cors-header" is not given, but "api-enable-cors" is true, we set cors to "*"
|
|
// otherwise, all head values will be passed to HTTP handler
|
|
corsHeaders := defaultHeaders
|
|
if corsHeaders == "" {
|
|
corsHeaders = "*"
|
|
}
|
|
|
|
writeCorsHeaders(w, r, corsHeaders)
|
|
return handler(ctx, w, r, vars)
|
|
}
|
|
}
|
|
}
|
|
|
|
func writeCorsHeaders(w http.ResponseWriter, r *http.Request, corsHeaders string) {
|
|
logrus.Debugf("CORS header is enabled and set to: %s", corsHeaders)
|
|
w.Header().Add("Access-Control-Allow-Origin", corsHeaders)
|
|
w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Registry-Auth")
|
|
w.Header().Add("Access-Control-Allow-Methods", "HEAD, GET, POST, DELETE, PUT, OPTIONS")
|
|
}
|