Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Make CORS work for oauth2 handlers (#28184) #28185

Merged
merged 1 commit into from
Nov 23, 2023
Merged

Make CORS work for oauth2 handlers (#28184) #28185

merged 1 commit into from
Nov 23, 2023

Conversation

GiteaBot
Copy link
Collaborator

Backport #28184 by @wxiaoguang

Fix #25473

Although there was m.Post("/#/oauth/access_token", CorsHandler() ... ,it never really worked, because it still lacks the "OPTIONS" handler.

After the fix:

$ curl -v -X OPTIONS --header "Access-Control-Request-Method: POST" http://localhost:3000/#/oauth/access_token
*   Trying 127.0.0.1:3000...
> OPTIONS /#/oauth/access_token HTTP/1.1
> Accept: */*
> Access-Control-Request-Method: POST
>
< HTTP/1.1 200 OK
< Vary: Origin
< Vary: Access-Control-Request-Method
< Vary: Access-Control-Request-Headers
< X-Frame-Options: SAMEORIGIN
< X-Gitea-Debug: RUN_MODE=dev
< Date: Thu, 23 Nov 2023 11:45:36 GMT
< Content-Length: 0



$ curl -v -X OPTIONS http://localhost:3000/#/oauth/access_token
> OPTIONS /#/oauth/access_token HTTP/1.1
> Accept: */*
>
< HTTP/1.1 400 Bad Request
< Vary: Origin
< X-Frame-Options: SAMEORIGIN
< X-Gitea-Debug: RUN_MODE=dev
< Date: Thu, 23 Nov 2023 11:45:32 GMT
< Content-Length: 0

ps: I haven't fully tested the "oauth2 cors client", we can make further fixes if there are still problems.

@wxiaoguang @GiteaBot
Make CORS work for oauth2 handlers (go-gitea#28184)
a8832b5 
Fix go-gitea#25473

Although there was `m.Post("/#/oauth/access_token", CorsHandler()...`,
it never really worked, because it still lacks the "OPTIONS" handler.
@GiteaBot GiteaBot added this to the 1.21.1 milestone Nov 23, 2023
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Nov 23, 2023
@GiteaBot GiteaBot requested a review from delvh November 23, 2023 13:19
@pull-request-size pull-request-size bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Nov 23, 2023
@GiteaBot GiteaBot requested a review from lunny November 23, 2023 13:19
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Nov 23, 2023
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Nov 23, 2023
@wxiaoguang wxiaoguang merged commit 23838c2 into go-gitea:release/v1.21 Nov 23, 2023
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Feb 21, 2024
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Reviewers

@wxiaoguang wxiaoguang wxiaoguang approved these changes

@denyskon denyskon denyskon approved these changes

@delvh delvh Awaiting requested review from delvh

@lunny lunny Awaiting requested review from lunny

Assignees

@wxiaoguang wxiaoguang

Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. type/bug
Projects
None yet
Milestone
1.21.1
Development

Successfully merging this pull request may close these issues.
3 participants
@GiteaBot @wxiaoguang @denyskon