Skip to content

Commit

Permalink
Add necessary safe headers under CORS (#5750)
Browse files Browse the repository at this point in the history 
Fixes #5748
  • Loading branch information
@harshavardhana @kannappanr
harshavardhana authored and kannappanr committed Apr 3, 2018
1 parent 8eb838b commit b052bfa
Showing 1 changed file with 12 additions and 3 deletions.
15 changes: 12 additions & 3 deletions cmd/generic-handlers.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -375,9 +375,18 @@ var defaultAllowableHTTPMethods = []string{

// setCorsHandler handler for CORS (Cross Origin Resource Sharing)
func setCorsHandler(h http.Handler) http.Handler {
commonS3Headers := []string{"Content-Length", "Content-Type", "Connection",
"Date", "ETag", "Server", "x-amz-delete-marker", "x-amz-id-2",
"x-amz-request-id", "x-amz-version-id"}
commonS3Headers := []string{
"Date",
"ETag",
"Server",
"Connection",
"Accept-Ranges",
"Content-Range",
"Content-Encoding",
"Content-Length",
"Content-Type",
"x-amz-request-id",
}
c := cors.New(cors.Options{
AllowedOrigins: []string{"*"},
AllowedMethods: defaultAllowableHTTPMethods,
Expand Down

0 comments on commit b052bfa

Please sign in to comment.