mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-12-01 23:53:32 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

[chore]: Bump github.com/gin-contrib/cors from 1.7.3 to 1.7.4

Browse source 
Bumps [github.com/gin-contrib/cors](https://github.com/gin-contrib/cors) from 1.7.3 to 1.7.4.
- [Release notes](https://github.com/gin-contrib/cors/releases)
- [Changelog](https://github.com/gin-contrib/cors/blob/master/.goreleaser.yaml)
- [Commits](https://github.com/gin-contrib/cors/compare/v1.7.3...v1.7.4)

---
updated-dependencies:
- dependency-name: github.com/gin-contrib/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
dependabot[bot] 2025-03-31 06:10:16 +00:00 committed by GitHub
commit 03ed575074
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 29 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

1
vendor/github.com/gin-contrib/cors/.golangci.yml generated vendored
View file

@ -7,7 +7,6 @@ linters:
- dogsled
- dupl
- errcheck
- exportloopref
- exhaustive
- gochecknoinits
- goconst

14
vendor/github.com/gin-contrib/cors/config.go generated vendored
View file

@ -2,6 +2,7 @@ package cors
import (
"net/http"
"regexp"
"strings"
"github.com/gin-gonic/gin"
@ -122,21 +123,32 @@ func (cors *cors) isOriginValid(c *gin.Context, origin string) bool {
return valid
}
var originRegex = regexp.MustCompile(`^/(.+)/[gimuy]?$`)
func (cors *cors) validateOrigin(origin string) bool {
if cors.allowAllOrigins {
return true
}
for _, value := range cors.allowOrigins {
if value == origin {
if !originRegex.MatchString(value) && value == origin {
return true
}
if originRegex.MatchString(value) &&
regexp.MustCompile(originRegex.FindStringSubmatch(value)[1]).MatchString(origin) {
return true
}
}
if len(cors.wildcardOrigins) > 0 && cors.validateWildcardOrigin(origin) {
return true
}
if cors.allowOriginFunc != nil {
return cors.allowOriginFunc(origin)
}
return false
}

10
vendor/github.com/gin-contrib/cors/cors.go generated vendored
View file

@ -3,6 +3,7 @@ package cors
import (
"errors"
"fmt"
"regexp"
"strings"
"time"
@ -103,8 +104,17 @@ func (c Config) getAllowedSchemas() []string {
return allowedSchemas
}
var regexpBasedOrigin = regexp.MustCompile(`^\/(.+)\/[gimuy]?$`)
func (c Config) validateAllowedSchemas(origin string) bool {
allowedSchemas := c.getAllowedSchemas()
if regexpBasedOrigin.MatchString(origin) {
// Normalize regexp-based origins
origin = regexpBasedOrigin.FindStringSubmatch(origin)[1]
origin = strings.Replace(origin, "?", "", 1)
}
for _, schema := range allowedSchemas {
if strings.HasPrefix(origin, schema) {
return true