finn/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add configuration for CORS allowed headers (#21747)

Browse source 
This PR enhances the CORS middleware usage by allowing for the headers
to be configured in `app.ini`.

Fixes #21746

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
Drew Noel 2022-11-11 01:39:27 -05:00 committed by GitHub
parent fb704f6c72
commit 2cbea23d70
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
custom/conf/app.example.ini
View file

@ -1138,6 +1138,9 @@ ROUTER = console
;; allow request with credentials
;ALLOW_CREDENTIALS = false
;;
;; headers to permit
;HEADERS = Content-Type,User-Agent
;;
;; set X-FRAME-OPTIONS header
;X_FRAME_OPTIONS = SAMEORIGIN