browseraudit/cors.go at master · DistriNet/browseraudit · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
package main

import (
	"encoding/base64"
	"github.com/gorilla/mux"
	"log"
	"net/http"
)

func CorsAllowOriginHandler(w http.ResponseWriter, r *http.Request) {
	originBase64 := mux.Vars(r)["originBase64"]
	origin, err := base64.StdEncoding.DecodeString(originBase64)
	if err != nil {
		log.Println(err)
		return
	}

	if string(origin) != "none" {
		w.Header().Set("Access-Control-Allow-Origin", string(origin))
	}
}

func CorsAllowMethodsHandler(w http.ResponseWriter, r *http.Request) {
	methodsBase64 := mux.Vars(r)["methodsBase64"]
	methods, err := base64.StdEncoding.DecodeString(methodsBase64)
	if err != nil {
		log.Println(err)
		return
	}

	w.Header().Set("Access-Control-Allow-Origin", "https://"+cfg.Domain.Domain1)
	if string(methods) != "none" {
		w.Header().Set("Access-Control-Allow-Methods", string(methods))
	}
}

func CorsAllowHeadersHandler(w http.ResponseWriter, r *http.Request) {
	headersBase64 := mux.Vars(r)["headersBase64"]
	headers, err := base64.StdEncoding.DecodeString(headersBase64)
	if err != nil {
		log.Println(err)
		return
	}

	w.Header().Set("Access-Control-Allow-Origin", "https://"+cfg.Domain.Domain1)
	if string(headers) != "none" {
		w.Header().Set("Access-Control-Allow-Headers", string(headers))
	}
}

func CorsExposedHeadersHandler(w http.ResponseWriter, r *http.Request) {
	headersBase64 := mux.Vars(r)["headersBase64"]
	headers, err := base64.StdEncoding.DecodeString(headersBase64)
	if err != nil {
		log.Println(err)
		return
	}

	DontCache(&w)
	w.Header().Set("Last-Modified", "Sun, 15 Jun 2014 18:40:03 GMT")
	w.Header().Set("Content-Language", "en")
	w.Header().Set("Access-Control-Allow-Origin", "https://"+cfg.Domain.Domain1)
	if string(headers) != "none" {
		w.Header().Set("Access-Control-Expose-Headers", string(headers))
	}
}

func CorsAllowCredentialsHandler(w http.ResponseWriter, r *http.Request) {
	originBase64 := mux.Vars(r)["originBase64"]
	credentialsBase64 := mux.Vars(r)["credentialsBase64"]
	origin, err := base64.StdEncoding.DecodeString(originBase64)
	credentials, err2 := base64.StdEncoding.DecodeString(credentialsBase64)
	if err != nil {
		log.Println(err)
		return
	}
	if err2 != nil {
		log.Println(err2)
		return
	}

	w.Header().Set("Access-Control-Allow-Origin", string(origin))
	w.Header().Set("Access-Control-Allow-Credentials", string(credentials))
}