mirror of
https://github.com/labstack/echo.git
synced 2024-12-24 20:14:31 +02:00
improve docs
This commit is contained in:
parent
5b26a5257b
commit
6f6befe555
@ -214,7 +214,7 @@ const (
|
||||
// ContextKeyHeaderAllow is set by Router for getting value for `Allow` header in later stages of handler call chain.
|
||||
// Allow header is mandatory for status 405 (method not found) and useful for OPTIONS method requests.
|
||||
// It is added to context only when Router does not find matching method handler for request.
|
||||
ContextKeyHeaderAllow = "____echo____header_allow"
|
||||
ContextKeyHeaderAllow = "echo_header_allow"
|
||||
)
|
||||
|
||||
const (
|
||||
|
12
echo.go
12
echo.go
@ -192,9 +192,10 @@ const (
|
||||
const (
|
||||
HeaderAccept = "Accept"
|
||||
HeaderAcceptEncoding = "Accept-Encoding"
|
||||
// HeaderAllow is header field that lists the set of methods advertised as supported by the target resource.
|
||||
// Allow header is mandatory for status 405 (method not found) and useful OPTIONS method responses.
|
||||
// See: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1
|
||||
// HeaderAllow is the name of the "Allow" header field used to list the set of methods
|
||||
// advertised as supported by the target resource. Returning an Allow header is mandatory
|
||||
// for status 405 (method not found) and useful for the OPTIONS method in responses.
|
||||
// See RFC 7231: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1
|
||||
HeaderAllow = "Allow"
|
||||
HeaderAuthorization = "Authorization"
|
||||
HeaderContentDisposition = "Content-Disposition"
|
||||
@ -305,9 +306,8 @@ var (
|
||||
}
|
||||
|
||||
MethodNotAllowedHandler = func(c Context) error {
|
||||
// 'Allow' header RFC: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1
|
||||
// >> An origin server MUST generate an Allow field in a 405 (Method Not Allowed) response
|
||||
// and MAY do so in any other response.
|
||||
// See RFC 7231 section 7.4.1: An origin server MUST generate an Allow field in a 405 (Method Not Allowed)
|
||||
// response and MAY do so in any other response. For disabled resources an empty Allow header may be returned
|
||||
routerAllowMethods, ok := c.Get(ContextKeyHeaderAllow).(string)
|
||||
if ok && routerAllowMethods != "" {
|
||||
c.Response().Header().Set(HeaderAllow, routerAllowMethods)
|
||||
|
@ -172,7 +172,7 @@ func CORSWithConfig(config CORSConfig) echo.MiddlewareFunc {
|
||||
checkPatterns := false
|
||||
if allowOrigin == "" {
|
||||
// to avoid regex cost by invalid (long) domains (253 is domain name max limit)
|
||||
if len(origin) <= (253+3+4) && strings.Contains(origin, "://") {
|
||||
if len(origin) <= (253+3+5) && strings.Contains(origin, "://") {
|
||||
checkPatterns = true
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user