1
0
mirror of https://github.com/labstack/echo.git synced 2024-12-20 19:52:47 +02:00
Commit Graph

38 Commits

Author SHA1 Message Date
toimtoimtoim
118c1632f2 CORS middleware should compile allowOrigin regexp at creation. 2024-11-22 11:59:58 +02:00
Martti T
3598f295f9
Change type definition blocks to single declarations. This helps copy/pasting Echo code in examples. (#2606) 2024-03-09 07:53:07 -08:00
Martti T
a842444e8f
Add SPDX licence comments to files. See https://spdx.dev/learn/handling-license-info/ (#2604) 2024-03-09 11:21:24 +02:00
Martti T
69a0de8415
Mark unmarshallable yaml struct tags as ignored (#2536) 2023-10-24 21:12:13 +03:00
Martti T
4bc3e475e3
cors middleware: allow sending Access-Control-Max-Age: 0 value with config.MaxAge being negative number. (#2518) 2023-09-19 08:24:47 +03:00
imxyb
c0bc886b78 refactor: use strings.ReplaceAll directly 2023-03-31 20:59:08 +03:00
toimtoimtoim
f909660bb9 Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to make UNSAFE usages of wildcard origin + allow cretentials less likely. 2023-02-22 00:05:31 +02:00
Daniel Price
50e7e569f0 Improve CORS documentation
* Provide links to further reading
* Provide security warnings
* Document undocumented wildcard feature
* Update to go-1.19 style links
2022-09-12 22:46:13 +03:00
toimtoimtoim
6f6befe555 improve docs 2022-01-03 21:04:17 +02:00
toimtoimtoim
5b26a5257b Allow header support in Router, MethodNotFoundHandler (405) and CORS middleware 2022-01-03 21:04:17 +02:00
Pierre Rousset
e6f24aa8b1 Addressed PR feedback 2020-11-24 16:25:49 +09:00
Pierre Rousset
26ab188922 CORS: add an optional custom function to validate the origin 2020-11-24 16:24:17 +09:00
Ulas Akdeniz
871ed9c68d Fix incorrect CORS headers
- Fix empty Access-Control-Allow-Origin
- Set CORS headers only if request Origin is existing and allowed
- Increase middleware test coverage
2020-11-06 03:10:16 +01:00
Andrew Klotz
9a28fb8608
cors allow regex pattern
enable cors to use regex pattern for allowed origins

implementation is similar to another popular cors
middleware: https://github.com/astaxie/beego/blob/master/plugins/cors/cors.go#L196-L201
2020-08-19 03:17:12 +00:00
atsushi-ishibashi
1f6cc362cc Set subdomains to AllowOrigins with wildcard (#1301)
* Set subdomains to AllowOrigins with wildcard

* Create IsSubDomain

* Avoid panic when pattern length smaller than domain length

* Change names, improve formula
2019-03-09 10:32:49 -08:00
Alex Ungur
6d9e043284 Introduced Go module support as v4, removed obsolete CloseNotifier() mechanism
This reintroduces support for Go modules, as v4.

CloseNotifier() is removed as it has been obsoleted, see https://golang.org/doc/go1.11#net/http

It was already NOT working (not sending signals) as of 1.11 the functionality was gone, we merely
deleted the functions that exposed it. If anyone still relies on it they should migrate to using
`c.Request().Context().Done()` instead.

Closes #1268, #1255
2019-01-30 16:11:42 +02:00
Aimee LaPlant
2195bd3670 Updated comment. (#1245) 2019-01-09 15:15:33 -08:00
Emir Ribić
c8fd197fa8 Replace http constants with stdlib ones, i.e.: http.MethodGet instead of echo.GET (#1205) 2018-10-14 20:46:58 +05:30
Jean-Sébastien Ney
d63824fa41 handle using withcredentials and allow origin * together 2018-07-03 09:45:12 -07:00
Vishal Rana
da083ffd0a Implemented rewrite middleware
Signed-off-by: Vishal Rana <vr@labstack.com>
2017-12-28 11:26:50 -08:00
Vishal Rana
52fa135fd5 Updated docs, exposed middleware.DefaultSkipper
Signed-off-by: Vishal Rana <vr@labstack.com>
2017-01-28 11:46:43 -08:00
Vishal Rana
fe269b3e1c fixed ##743
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-11-21 14:42:13 -08:00
Vishal Rana
2f70d3e1c7 fixed #712
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-11-12 20:34:52 -08:00
Vishal Rana
d832efd403 cors: not checking for origin header
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-11-12 14:05:41 -08:00
Vishal Rana
2aec0353f5 First commit to v3, #665
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-09-22 22:56:00 -07:00
Vishal Rana
3d9d408365 Options for redirect middleware
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-08-31 20:10:14 -07:00
Vishal Rana
27f9b326b8 Ability to skip a middleware via callback
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-07-27 09:34:44 -07:00
anger
9225ce0f18 Add PATCH to default allowed methods 2016-05-31 15:41:09 +03:00
Vishal Rana
702e6d0967 Closes #517, closes #518
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-22 07:58:21 -07:00
Vishal Rana
c6b32d5541 Added json tags to middleware config
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-18 18:53:54 -07:00
Vishal Rana
98dd8bf9e9 Added CSRF middleware, #341.
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-12 17:45:00 -07:00
Vishal Rana
1afaa6ec0b Updated docs, changes to static middleware config
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-10 11:52:04 -07:00
Vishal Rana
6424d779dc Added test for secure middleware
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-03 08:32:28 -07:00
Vishal Rana
be825e0229 Refactored variable names
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-24 10:22:15 -07:00
Vishal Rana
1247552c9b Fixed https://github.com/labstack/echox/issues/9
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-20 07:32:51 -07:00
Vishal Rana
1a7bc677da API changes from to with
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-07 21:20:50 -07:00
Vishal Rana
a8cf473ee7 Updated README.md with CORS middleware
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-07 16:58:56 -07:00
Vishal Rana
a3352d880c Fixed #454, Fixed #274
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-07 16:16:58 -07:00