Browse Source
Fix incorrect CORS default values (#24206)
Document: ``` ;ALLOW_DOMAIN = * ;METHODS = GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS ``` Co-authored-by: Giteabot <teabot@gitea.io>tags/v1.20.0-rc0
wxiaoguang
1 year ago
1 changed files with 3 additions and 2 deletions
+ 3
- 2
modules/setting/cors.go
View File
| @@ -21,9 +21,10 @@ var CORSConfig = struct { | |||
| Headers []string | |||
| XFrameOptions string | |||
| }{ | |||
| Enabled: false, | |||
| MaxAge: 10 * time.Minute, | |||
| AllowDomain: []string{"*"}, | |||
| Methods: []string{"GET", "HEAD", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"}, | |||
| Headers: []string{"Content-Type", "User-Agent"}, | |||
| MaxAge: 10 * time.Minute, | |||
| XFrameOptions: "SAMEORIGIN", | |||
| } | |||
Loading…