Improve CORS Method Middleware#477
Merged
elithrar merged 17 commits intogorilla:masterfrom Jun 29, 2019
Merged
Conversation
Contributor
Author
|
It looks like CI is failing on Go < 1.11 due to |
fharding1
commented
May 27, 2019
21fd551 to
485bbf3
Compare
12176f8 to
ff3f999
Compare
Contributor
Author
|
I've modified the travis CI config to only check the gofmt diff on the latest Go version, let me know if that is undesirable for some reason. |
Contributor
|
Good move - no disagreement from me.
Will review in full this week.
…On Mon, May 27, 2019 at 12:19 PM Franklin Harding ***@***.***> wrote:
I've modified the travis CI config to only check the gofmt diff on the
latest Go version, let me know if that is undesirable for some reason.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#477?email_source=notifications&email_token=AAAEQ4C6RRVUZZ66QCIBUEDPXQJ2PA5CNFSM4HPYDHU2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWKHU5I#issuecomment-496269941>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAAEQ4BL2FB3QNDRFGCKQMDPXQJ2PANCNFSM4HPYDHUQ>
.
|
Contributor
|
Can you summarize the breaking changes / major behavioral changes (same thing) for the change-log, too? |
Contributor
Author
|
Sure! I think these are all of them: Breaking changes to
|
elithrar
suggested changes
Jun 28, 2019
Contributor
elithrar
left a comment
There was a problem hiding this comment.
See comments.
As I've reviewed this, my overall feedback is that the .Methods(http.MethodOptions) requirement will continue to be a sharp edge for users, and we should document it clearly if we are not automatically handling it for them.
c79f90b to
38f5d51
Compare
* Only sets Access-Control-Allow-Methods on valid preflight requests * Does not return after setting the Access-Control-Allow-Methods header * Does not append OPTIONS header to Access-Control-Allow-Methods regardless of whether there is an OPTIONS method matcher * Adds tests for the listed behavior
7ca8d93 to
794440e
Compare
Contributor
Author
|
Updated the circleci config to only check the gofmt diff on the latest go version like I did for travis originally. Also that github integration with circleci is clean 🙌 |
Contributor
|
Thanks! I’ll update the base CI template to do that + run lint where possible too^ ^ A couple of Gorilla packages fail golint due to Http vs. HTTP casing. |
elithrar
reviewed
Jun 29, 2019
Contributor
|
See
https://github.com/gorilla/.github/blob/master/config.yml.tmpl as the
canonical example!
…On Sat, Jun 29, 2019 at 12:16 PM Franklin Harding ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In .circleci/config.yml
<#477 (comment)>:
> @@ -11,8 +11,11 @@ jobs:
- checkout
- run: go version
- run: go get -t -v ./...
- - run: diff -u <(echo -n) <(gofmt -d .)
- - run: if [[ "$LATEST" = true ]]; then go vet -v .; fi
+ - run: >
+ if [[ "$LATEST" = true ]]; then
+ diff -u <(echo -n) <(gofmt -d .)
Good call
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#477?email_source=notifications&email_token=AAAEQ4GHOKIY3FHVWVF4IE3P46YIJA5CNFSM4HPYDHU2YY3PNVWWK3TUL52HS4DFWFIHK3DMKJSXC5LFON2FEZLWNFSXPKTDN5WW2ZLOORPWSZGOB5BPVSQ#discussion_r298808793>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAAEQ4FM24YN4C275OTHZXTP46YIJANCNFSM4HPYDHUQ>
.
|
elithrar
approved these changes
Jun 29, 2019
Contributor
|
Thanks again @fharding1! 👍 |
thaJeztah
added a commit
to thaJeztah/docker
that referenced
this pull request
Oct 6, 2019
full diff: gorilla/mux@ed099d4...00bdffe changes included: - gorilla/mux#477 Improve CORS Method Middleware - implements gorilla/mux#477 Make CORSMethodMiddleware actually make sense - gorilla/mux#489 Fix nil panic in authentication middleware example Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
Oct 7, 2019
full diff: gorilla/mux@ed099d4...00bdffe changes included: - gorilla/mux#477 Improve CORS Method Middleware - implements gorilla/mux#477 Make CORSMethodMiddleware actually make sense - gorilla/mux#489 Fix nil panic in authentication middleware example Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: bb5650619e26cf0b79f30bafc551e5120a0643a4 Component: engine
burnMyDread
pushed a commit
to burnMyDread/moby
that referenced
this pull request
Oct 21, 2019
full diff: gorilla/mux@ed099d4...00bdffe changes included: - gorilla/mux#477 Improve CORS Method Middleware - implements gorilla/mux#477 Make CORSMethodMiddleware actually make sense - gorilla/mux#489 Fix nil panic in authentication middleware example Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Signed-off-by: zach <Zachary.Joyner@linux.com>
thaJeztah
added a commit
to thaJeztah/cli
that referenced
this pull request
Oct 23, 2019
full diff: gorilla/mux@ed099d4...00bdffe changes included: - gorilla/mux#477 Improve CORS Method Middleware - implements gorilla/mux#477 Make CORSMethodMiddleware actually make sense - gorilla/mux#489 Fix nil panic in authentication middleware example Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
Dec 4, 2019
full diff: gorilla/mux@ed099d4...00bdffe changes included: - gorilla/mux#477 Improve CORS Method Middleware - implements gorilla/mux#477 Make CORSMethodMiddleware actually make sense - gorilla/mux#489 Fix nil panic in authentication middleware example Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 4b5ecc982a441b26846c4240c30b03f940950b31 Component: cli
sam-github
reviewed
Jan 18, 2020
| > | ||
| < HTTP/1.1 200 OK | ||
| < Access-Control-Allow-Methods: GET,PUT,PATCH,OPTIONS | ||
| < Access-Control-Allow-Origin: * |
There was a problem hiding this comment.
The docs added above said
You will still need to use your own CORS handler to set the other CORS headers such as
Access-Control-Allow-Origin
But the example shows that header is added, which is it?
And what's the relationship of this middleware with github.com/gorilla/handlers/CORS?
I'm confused.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR implements the behavior outlined in #476:
Access-Control-Allow-Methodson all requests to a route with an OPTIONS method matcherAccess-Control-Allow-MethodsheaderOPTIONSheader toAccess-Control-Allow-Methodsregardless of whether there is an OPTIONS method matcher. Only returnsOPTIONSif there is an actual matcherCloses #476