[chore]: Bump github.com/gin-contrib/cors from 1.7.3 to 1.7.4

Bumps [github.com/gin-contrib/cors](https://github.com/gin-contrib/cors) from 1.7.3 to 1.7.4.
- [Release notes](https://github.com/gin-contrib/cors/releases)
- [Changelog](https://github.com/gin-contrib/cors/blob/master/.goreleaser.yaml)
- [Commits](https://github.com/gin-contrib/cors/compare/v1.7.3...v1.7.4)

---
updated-dependencies:
- dependency-name: github.com/gin-contrib/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] 2025-03-31 06:10:16 +00:00 committed by GitHub
commit 03ed575074
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 29 additions and 8 deletions

4
go.mod

@ -2,7 +2,7 @@ module github.com/superseriousbusiness/gotosocial
go 1.23.0 go 1.23.0
toolchain go1.23.3 toolchain go1.24.1
// Replace go-swagger with our version that fixes (ours particularly) use of Go1.23 // Replace go-swagger with our version that fixes (ours particularly) use of Go1.23
replace github.com/go-swagger/go-swagger => codeberg.org/superseriousbusiness/go-swagger v0.31.0-gts-go1.23-fix replace github.com/go-swagger/go-swagger => codeberg.org/superseriousbusiness/go-swagger v0.31.0-gts-go1.23-fix
@ -37,7 +37,7 @@ require (
github.com/SherClockHolmes/webpush-go v1.4.0 github.com/SherClockHolmes/webpush-go v1.4.0
github.com/buckket/go-blurhash v1.1.0 github.com/buckket/go-blurhash v1.1.0
github.com/coreos/go-oidc/v3 v3.12.0 github.com/coreos/go-oidc/v3 v3.12.0
github.com/gin-contrib/cors v1.7.3 github.com/gin-contrib/cors v1.7.4
github.com/gin-contrib/gzip v1.2.2 github.com/gin-contrib/gzip v1.2.2
github.com/gin-contrib/sessions v1.0.2 github.com/gin-contrib/sessions v1.0.2
github.com/gin-gonic/gin v1.10.0 github.com/gin-gonic/gin v1.10.0

4
go.sum generated

@ -133,8 +133,8 @@ github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3G
github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8= github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8=
github.com/gavv/httpexpect v2.0.0+incompatible h1:1X9kcRshkSKEjNJJxX9Y9mQ5BRfbxU5kORdjhlA1yX8= github.com/gavv/httpexpect v2.0.0+incompatible h1:1X9kcRshkSKEjNJJxX9Y9mQ5BRfbxU5kORdjhlA1yX8=
github.com/gavv/httpexpect v2.0.0+incompatible/go.mod h1:x+9tiU1YnrOvnB725RkpoLv1M62hOWzwo5OXotisrKc= github.com/gavv/httpexpect v2.0.0+incompatible/go.mod h1:x+9tiU1YnrOvnB725RkpoLv1M62hOWzwo5OXotisrKc=
github.com/gin-contrib/cors v1.7.3 h1:hV+a5xp8hwJoTw7OY+a70FsL8JkVVFTXw9EcfrYUdns= github.com/gin-contrib/cors v1.7.4 h1:/fC6/wk7rCRtqKqki8lLr2Xq+hnV49aXDLIuSek9g4k=
github.com/gin-contrib/cors v1.7.3/go.mod h1:M3bcKZhxzsvI+rlRSkkxHyljJt1ESd93COUvemZ79j4= github.com/gin-contrib/cors v1.7.4/go.mod h1:vGc/APSgLMlQfEJV5NAzkrAHb0C8DetL3K6QZuvGii0=
github.com/gin-contrib/gzip v1.2.2 h1:iUU/EYCM8ENfkjmZaVrxbjF/ZC267Iqv5S0MMCMEliI= github.com/gin-contrib/gzip v1.2.2 h1:iUU/EYCM8ENfkjmZaVrxbjF/ZC267Iqv5S0MMCMEliI=
github.com/gin-contrib/gzip v1.2.2/go.mod h1:C1a5cacjlDsS20cKnHlZRCPUu57D3qH6B2pV0rl+Y/s= github.com/gin-contrib/gzip v1.2.2/go.mod h1:C1a5cacjlDsS20cKnHlZRCPUu57D3qH6B2pV0rl+Y/s=
github.com/gin-contrib/sessions v1.0.2 h1:UaIjUvTH1cMeOdj3in6dl+Xb6It8RiKRF9Z1anbUyCA= github.com/gin-contrib/sessions v1.0.2 h1:UaIjUvTH1cMeOdj3in6dl+Xb6It8RiKRF9Z1anbUyCA=


@ -7,7 +7,6 @@ linters:
- dogsled - dogsled
- dupl - dupl
- errcheck - errcheck
- exportloopref
- exhaustive - exhaustive
- gochecknoinits - gochecknoinits
- goconst - goconst


@ -2,6 +2,7 @@ package cors
import ( import (
"net/http" "net/http"
"regexp"
"strings" "strings"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
@ -122,21 +123,32 @@ func (cors *cors) isOriginValid(c *gin.Context, origin string) bool {
return valid return valid
} }
var originRegex = regexp.MustCompile(`^/(.+)/[gimuy]?$`)
func (cors *cors) validateOrigin(origin string) bool { func (cors *cors) validateOrigin(origin string) bool {
if cors.allowAllOrigins { if cors.allowAllOrigins {
return true return true
} }
for _, value := range cors.allowOrigins { for _, value := range cors.allowOrigins {
if value == origin { if !originRegex.MatchString(value) && value == origin {
return true
}
if originRegex.MatchString(value) &&
regexp.MustCompile(originRegex.FindStringSubmatch(value)[1]).MatchString(origin) {
return true return true
} }
} }
if len(cors.wildcardOrigins) > 0 && cors.validateWildcardOrigin(origin) { if len(cors.wildcardOrigins) > 0 && cors.validateWildcardOrigin(origin) {
return true return true
} }
if cors.allowOriginFunc != nil { if cors.allowOriginFunc != nil {
return cors.allowOriginFunc(origin) return cors.allowOriginFunc(origin)
} }
return false return false
} }
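Review bot: In `validateOrigin`, an `allowOrigins` entry of the form `/pattern/` is recompiled with `regexp.MustCompile` on every call, so a pattern that does not compile panics while a request is being handled instead of failing when the configuration is loaded. The captured pattern is passed to `MatchString` unchanged, which matches anywhere in the string, so an entry written without `^` and `$` would accept any Origin that merely contains the intended host; the optional trailing flag matched by `[gimuy]?` is also discarded, so `/…/i` is not case-insensitive. I would compile each such entry once at construction and anchor it, e.g. `re, err := regexp.Compile("^(?:" + m[1] + ")$")`, returning `err` to the caller. This section appears to be the vendored gin-contrib/cors copy (its file header is not shown here), so the change belongs upstream; locally, check that no configured origin uses the `/…/` form unanchored.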


@ -3,6 +3,7 @@ package cors
import ( import (
"errors" "errors"
"fmt" "fmt"
"regexp"
"strings" "strings"
"time" "time"
@ -103,8 +104,17 @@ func (c Config) getAllowedSchemas() []string {
return allowedSchemas return allowedSchemas
} }
var regexpBasedOrigin = regexp.MustCompile(`^\/(.+)\/[gimuy]?$`)
func (c Config) validateAllowedSchemas(origin string) bool { func (c Config) validateAllowedSchemas(origin string) bool {
allowedSchemas := c.getAllowedSchemas() allowedSchemas := c.getAllowedSchemas()
if regexpBasedOrigin.MatchString(origin) {
// Normalize regexp-based origins
origin = regexpBasedOrigin.FindStringSubmatch(origin)[1]
origin = strings.Replace(origin, "?", "", 1)
}
for _, schema := range allowedSchemas { for _, schema := range allowedSchemas {
if strings.HasPrefix(origin, schema) { if strings.HasPrefix(origin, schema) {
return true return true
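Review bot: The normalization in `validateAllowedSchemas` removes only the first `?` from a `/pattern/` origin and then applies the same `strings.HasPrefix` schema check, so whether a regexp origin passes depends on how it is spelled rather than on what it matches. If the allowed schemas are literal prefixes such as `https://` (they are defined outside this hunk), a pattern that starts with `^` or escapes its slashes would fail the check, which steers configurations toward unanchored patterns. At minimum the block deserves a comment stating the accepted shape, e.g. `// regexp origins must begin with a literal schema, optionally with one '?' (https?://…)`; better would be to also validate the pattern with `regexp.Compile` here so a bad entry is rejected at load time. The function body continues past the end of the hunk.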

4
vendor/modules.txt vendored

@ -391,8 +391,8 @@ github.com/gabriel-vasile/mimetype
github.com/gabriel-vasile/mimetype/internal/charset github.com/gabriel-vasile/mimetype/internal/charset
github.com/gabriel-vasile/mimetype/internal/json github.com/gabriel-vasile/mimetype/internal/json
github.com/gabriel-vasile/mimetype/internal/magic github.com/gabriel-vasile/mimetype/internal/magic
# github.com/gin-contrib/cors v1.7.3 # github.com/gin-contrib/cors v1.7.4
## explicit; go 1.21.0 ## explicit; go 1.23.0
github.com/gin-contrib/cors github.com/gin-contrib/cors
# github.com/gin-contrib/gzip v1.2.2 # github.com/gin-contrib/gzip v1.2.2
## explicit; go 1.21.0 ## explicit; go 1.21.0