Patch to not use * for CORS auth header

This commit is contained in:
Melon 2024-02-14 19:30:21 +00:00
parent f8dde8eebe
commit 333394cf89
Signed by: melon
GPG Key ID: 6C9D970C50D26A25

View File

@ -20,8 +20,9 @@ import (
// serveApiCors outputs the cors headers to make APIs work.
var serveApiCors = cors.New(cors.Options{
AllowedOrigins: []string{"*"}, // allow all origins for api requests
AllowedHeaders: []string{"Content-Type", "Authorization"},
// allow all origins for api requests
AllowOriginFunc: func(origin string) bool { return true },
AllowedHeaders: []string{"Content-Type", "Authorization"},
AllowedMethods: []string{
http.MethodGet,
http.MethodHead,