mirror of
https://github.com/andatoshiki/shikigrid.git
synced 2026-06-05 19:56:27 +00:00
24 lines
744 B
Go
24 lines
744 B
Go
package api
|
|
|
|
import (
|
|
"github.com/go-chi/cors"
|
|
"net/http"
|
|
)
|
|
|
|
func CORS(next http.Handler) http.Handler {
|
|
cors := cors.New(cors.Options{
|
|
AllowedOrigins: []string{"*"},
|
|
AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
|
|
AllowedHeaders: []string{"Accept", "Content-Type", "Content-Length", "Accept-Encoding", "X-CSRF-Token", "Authorization"},
|
|
AllowCredentials: true,
|
|
MaxAge: 300,
|
|
})
|
|
return cors.Handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Add("X-Frame-Options", "DENY")
|
|
w.Header().Add("X-Content-Type-Options", "nosniff")
|
|
w.Header().Add("X-XSS-Protection", "1; mode=block")
|
|
w.Header().Add("Referrer-Policy", "same-origin")
|
|
next.ServeHTTP(w, r)
|
|
}))
|
|
}
|