Martti T
69a0de8415
Mark unmarshallable yaml struct tags as ignored ( #2536 )
2023-10-24 21:12:13 +03:00
Martti T
4bc3e475e3
cors middleware: allow sending Access-Control-Max-Age: 0
value with config.MaxAge being negative number. ( #2518 )
2023-09-19 08:24:47 +03:00
imxyb
c0bc886b78
refactor: use strings.ReplaceAll directly
2023-03-31 20:59:08 +03:00
toimtoimtoim
f909660bb9
Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to make UNSAFE usages of wildcard origin + allow cretentials less likely.
2023-02-22 00:05:31 +02:00
Daniel Price
50e7e569f0
Improve CORS documentation
...
* Provide links to further reading
* Provide security warnings
* Document undocumented wildcard feature
* Update to go-1.19 style links
2022-09-12 22:46:13 +03:00
toimtoimtoim
6f6befe555
improve docs
2022-01-03 21:04:17 +02:00
toimtoimtoim
5b26a5257b
Allow
header support in Router, MethodNotFoundHandler (405) and CORS middleware
2022-01-03 21:04:17 +02:00
Pierre Rousset
e6f24aa8b1
Addressed PR feedback
2020-11-24 16:25:49 +09:00
Pierre Rousset
26ab188922
CORS: add an optional custom function to validate the origin
2020-11-24 16:24:17 +09:00
Ulas Akdeniz
871ed9c68d
Fix incorrect CORS headers
...
- Fix empty Access-Control-Allow-Origin
- Set CORS headers only if request Origin is existing and allowed
- Increase middleware test coverage
2020-11-06 03:10:16 +01:00
Andrew Klotz
9a28fb8608
cors allow regex pattern
...
enable cors to use regex pattern for allowed origins
implementation is similar to another popular cors
middleware: https://github.com/astaxie/beego/blob/master/plugins/cors/cors.go#L196-L201
2020-08-19 03:17:12 +00:00
atsushi-ishibashi
1f6cc362cc
Set subdomains to AllowOrigins with wildcard ( #1301 )
...
* Set subdomains to AllowOrigins with wildcard
* Create IsSubDomain
* Avoid panic when pattern length smaller than domain length
* Change names, improve formula
2019-03-09 10:32:49 -08:00
Alex Ungur
6d9e043284
Introduced Go module support as v4, removed obsolete CloseNotifier() mechanism
...
This reintroduces support for Go modules, as v4.
CloseNotifier() is removed as it has been obsoleted, see https://golang.org/doc/go1.11#net/http
It was already NOT working (not sending signals) as of 1.11 the functionality was gone, we merely
deleted the functions that exposed it. If anyone still relies on it they should migrate to using
`c.Request().Context().Done()` instead.
Closes #1268 , #1255
2019-01-30 16:11:42 +02:00
Aimee LaPlant
2195bd3670
Updated comment. ( #1245 )
2019-01-09 15:15:33 -08:00
Emir Ribić
c8fd197fa8
Replace http constants with stdlib ones, i.e.: http.MethodGet instead of echo.GET ( #1205 )
2018-10-14 20:46:58 +05:30
Jean-Sébastien Ney
d63824fa41
handle using withcredentials and allow origin * together
2018-07-03 09:45:12 -07:00
Vishal Rana
da083ffd0a
Implemented rewrite middleware
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2017-12-28 11:26:50 -08:00
Vishal Rana
52fa135fd5
Updated docs, exposed middleware.DefaultSkipper
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2017-01-28 11:46:43 -08:00
Vishal Rana
fe269b3e1c
fixed ##743
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-11-21 14:42:13 -08:00
Vishal Rana
2f70d3e1c7
fixed #712
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-11-12 20:34:52 -08:00
Vishal Rana
d832efd403
cors: not checking for origin header
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-11-12 14:05:41 -08:00
Vishal Rana
2aec0353f5
First commit to v3, #665
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-09-22 22:56:00 -07:00
Vishal Rana
3d9d408365
Options for redirect middleware
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-08-31 20:10:14 -07:00
Vishal Rana
27f9b326b8
Ability to skip a middleware via callback
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-07-27 09:34:44 -07:00
anger
9225ce0f18
Add PATCH to default allowed methods
2016-05-31 15:41:09 +03:00
Vishal Rana
702e6d0967
Closes #517 , closes #518
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-22 07:58:21 -07:00
Vishal Rana
c6b32d5541
Added json tags to middleware config
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-18 18:53:54 -07:00
Vishal Rana
98dd8bf9e9
Added CSRF middleware, #341 .
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-12 17:45:00 -07:00
Vishal Rana
1afaa6ec0b
Updated docs, changes to static middleware config
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-10 11:52:04 -07:00
Vishal Rana
6424d779dc
Added test for secure middleware
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-05-03 08:32:28 -07:00
Vishal Rana
be825e0229
Refactored variable names
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-24 10:22:15 -07:00
Vishal Rana
1247552c9b
Fixed https://github.com/labstack/echox/issues/9
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-20 07:32:51 -07:00
Vishal Rana
1a7bc677da
API changes from to with
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-07 21:20:50 -07:00
Vishal Rana
a8cf473ee7
Updated README.md with CORS middleware
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-07 16:58:56 -07:00
Vishal Rana
a3352d880c
Fixed #454 , Fixed #274
...
Signed-off-by: Vishal Rana <vr@labstack.com>
2016-04-07 16:16:58 -07:00