OpenList/server/middlewares.go

package server

import (
	"github.com/Xhofe/alist/conf"
	"github.com/Xhofe/alist/server/controllers"
	"github.com/Xhofe/alist/utils"
	"github.com/gin-gonic/gin"
)

// handle cors request
func CorsHandler() gin.HandlerFunc {
	return func(context *gin.Context) {
		origin := context.GetHeader("Origin")
		// 同源
		if origin == "" {
			context.Next()
			return
		}
		method := context.Request.Method
		// 设置跨域
		context.Header("Access-Control-Allow-Origin", origin)
		context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
		context.Header("Access-Control-Allow-Headers", "Content-Length,session,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language, Keep-Alive, User-Agent, Cache-Control, Content-Type")
		context.Header("Access-Control-Expose-Headers", "Content-Length,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified")
		context.Header("Access-Control-Max-Age", "172800")
		// 信任域名
		if conf.Conf.Server.SiteUrl != "*" && utils.ContainsString(conf.Origins, context.GetHeader("Origin")) == -1 {
			context.JSON(200, controllers.MetaResponse(413, "The origin is not in the site_url list, please configure it correctly."))
			context.Abort()
		}
		if method == "OPTIONS" {
			context.AbortWithStatus(204)
		}
		//处理请求
		context.Next()
	}
}
Initial commit 2020-12-24 01:39:45 +08:00			`package server`

			`import (`
:bug: 刷新token与跨域问题 2020-12-24 20:25:40 +08:00			`"github.com/Xhofe/alist/conf"`
:accept: origin优化 2021-01-11 16:53:48 +08:00			`"github.com/Xhofe/alist/server/controllers"`
:bug: 多域名跨域 2021-01-08 16:32:02 +08:00			`"github.com/Xhofe/alist/utils"`
Initial commit 2020-12-24 01:39:45 +08:00			`"github.com/gin-gonic/gin"`
			`)`

:memo: add notes 2021-02-04 10:02:34 +08:00			`// handle cors request`
			`func CorsHandler() gin.HandlerFunc {`
Initial commit 2020-12-24 01:39:45 +08:00			`return func(context *gin.Context) {`
:bee: reformat code 2021-03-05 21:25:44 +08:00			`origin := context.GetHeader("Origin")`
:cloud: origin 2021-01-12 14:58:33 +08:00			`// 同源`
			`if origin == "" {`
			`context.Next()`
			`return`
			`}`
Initial commit 2020-12-24 01:39:45 +08:00			`method := context.Request.Method`
:bug: 多域名跨域 2021-01-08 16:32:02 +08:00			`// 设置跨域`
:bee: reformat code 2021-03-05 21:25:44 +08:00			`context.Header("Access-Control-Allow-Origin", origin)`
Initial commit 2020-12-24 01:39:45 +08:00			`context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")`
:accept: origin优化 2021-01-11 16:53:48 +08:00			`context.Header("Access-Control-Allow-Headers", "Content-Length,session,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language, Keep-Alive, User-Agent, Cache-Control, Content-Type")`
			`context.Header("Access-Control-Expose-Headers", "Content-Length,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified")`
Initial commit 2020-12-24 01:39:45 +08:00			`context.Header("Access-Control-Max-Age", "172800")`
:accept: origin优化 2021-01-11 16:53:48 +08:00			`// 信任域名`
:bee: reformat code 2021-03-05 21:25:44 +08:00			`if conf.Conf.Server.SiteUrl != "*" && utils.ContainsString(conf.Origins, context.GetHeader("Origin")) == -1 {`
			`context.JSON(200, controllers.MetaResponse(413, "The origin is not in the site_url list, please configure it correctly."))`
:accept: origin优化 2021-01-11 16:53:48 +08:00			`context.Abort()`
			`}`
Initial commit 2020-12-24 01:39:45 +08:00			`if method == "OPTIONS" {`
:accept: origin优化 2021-01-11 16:53:48 +08:00			`context.AbortWithStatus(204)`
Initial commit 2020-12-24 01:39:45 +08:00			`}`
			`//处理请求`
			`context.Next()`
			`}`
:bee: reformat code 2021-03-05 21:25:44 +08:00			`}`