go/echo
go/echo
1
0
Fork 0
mirror of https://github.com/labstack/echo.git synced 2024-12-24 20:14:31 +02:00
Code Issues Releases Activity

improve docs

Browse Source
This commit is contained in:
toimtoimtoim 2021-12-09 21:57:20 +02:00 committed by Martti T
parent 5b26a5257b
commit 6f6befe555
3 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
context.go
View File

@ -214,7 +214,7 @@ const (
// ContextKeyHeaderAllow is set by Router for getting value for `Allow` header in later stages of handler call chain. // ContextKeyHeaderAllow is set by Router for getting value for `Allow` header in later stages of handler call chain.
// Allow header is mandatory for status 405 (method not found) and useful for OPTIONS method requests. // Allow header is mandatory for status 405 (method not found) and useful for OPTIONS method requests.
// It is added to context only when Router does not find matching method handler for request. // It is added to context only when Router does not find matching method handler for request.
ContextKeyHeaderAllow = "____echo____header_allow" ContextKeyHeaderAllow = "echo_header_allow"
) )
const ( const (

12
echo.go
View File

@ -192,9 +192,10 @@ const (
const ( const (
HeaderAccept = "Accept" HeaderAccept = "Accept"
HeaderAcceptEncoding = "Accept-Encoding" HeaderAcceptEncoding = "Accept-Encoding"
// HeaderAllow is header field that lists the set of methods advertised as supported by the target resource. // HeaderAllow is the name of the "Allow" header field used to list the set of methods
// Allow header is mandatory for status 405 (method not found) and useful OPTIONS method responses. // advertised as supported by the target resource. Returning an Allow header is mandatory
// See: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1 // for status 405 (method not found) and useful for the OPTIONS method in responses.
// See RFC 7231: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1
HeaderAllow = "Allow" HeaderAllow = "Allow"
HeaderAuthorization = "Authorization" HeaderAuthorization = "Authorization"
HeaderContentDisposition = "Content-Disposition" HeaderContentDisposition = "Content-Disposition"
@ -305,9 +306,8 @@ var (
} }
MethodNotAllowedHandler = func(c Context) error { MethodNotAllowedHandler = func(c Context) error {
// 'Allow' header RFC: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1 // See RFC 7231 section 7.4.1: An origin server MUST generate an Allow field in a 405 (Method Not Allowed)
// >> An origin server MUST generate an Allow field in a 405 (Method Not Allowed) response // response and MAY do so in any other response. For disabled resources an empty Allow header may be returned
// and MAY do so in any other response.
routerAllowMethods, ok := c.Get(ContextKeyHeaderAllow).(string) routerAllowMethods, ok := c.Get(ContextKeyHeaderAllow).(string)
if ok && routerAllowMethods != "" { if ok && routerAllowMethods != "" {
c.Response().Header().Set(HeaderAllow, routerAllowMethods) c.Response().Header().Set(HeaderAllow, routerAllowMethods)

2
middleware/cors.go
View File

@ -172,7 +172,7 @@ func CORSWithConfig(config CORSConfig) echo.MiddlewareFunc {
checkPatterns := false checkPatterns := false
if allowOrigin == "" { if allowOrigin == "" {
// to avoid regex cost by invalid (long) domains (253 is domain name max limit) // to avoid regex cost by invalid (long) domains (253 is domain name max limit)
if len(origin) <= (253+3+4) && strings.Contains(origin, "://") { if len(origin) <= (253+3+5) && strings.Contains(origin, "://") {
checkPatterns = true checkPatterns = true
} }
} }