37 lines
1.3 KiB
Go
37 lines
1.3 KiB
Go
package server
|
|
|
|
import (
|
|
"github.com/Xhofe/alist/conf"
|
|
"github.com/Xhofe/alist/server/controllers"
|
|
"github.com/Xhofe/alist/utils"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// handle cors request
|
|
func CorsHandler() gin.HandlerFunc {
|
|
return func(context *gin.Context) {
|
|
origin:=context.GetHeader("Origin")
|
|
// 同源
|
|
if origin == "" {
|
|
context.Next()
|
|
return
|
|
}
|
|
method := context.Request.Method
|
|
// 设置跨域
|
|
context.Header("Access-Control-Allow-Origin",origin)
|
|
context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
|
|
context.Header("Access-Control-Allow-Headers", "Content-Length,session,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language, Keep-Alive, User-Agent, Cache-Control, Content-Type")
|
|
context.Header("Access-Control-Expose-Headers", "Content-Length,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified")
|
|
context.Header("Access-Control-Max-Age", "172800")
|
|
// 信任域名
|
|
if conf.Conf.Server.SiteUrl!="*"&&utils.ContainsString(conf.Origins,context.GetHeader("Origin"))==-1 {
|
|
context.JSON(200,controllers.MetaResponse(413,"The origin is not in the site_url list, please configure it correctly."))
|
|
context.Abort()
|
|
}
|
|
if method == "OPTIONS" {
|
|
context.AbortWithStatus(204)
|
|
}
|
|
//处理请求
|
|
context.Next()
|
|
}
|
|
} |