Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

CORS wildcard origin and allow credentials #2405

Merged
merged 2 commits into from
Feb 21, 2023
Merged

CORS wildcard origin and allow credentials #2405

merged 2 commits into from
Feb 21, 2023

Conversation

aldas
Copy link
Contributor

@aldas aldas commented Feb 21, 2023

Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to make UNSAFE usages of wildcard origin + allow cretentials less likely.

See: #2400

aldas added 2 commits February 21, 2023 12:20
@aldas
use different variable name so returned function would not accidental…
8c2e199 
…ly be able to use it in future and cause data race
@aldas
Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to…
581ebc3 
… make UNSAFE usages of wildcard origin + allow cretentials less likely.
@codecov
Copy link

codecov bot commented Feb 21, 2023

Codecov Report

Base: 92.80% // Head: 92.80% // No change to project coverage 👍

Coverage data is based on head (581ebc3) compared to base (b888a30).
Patch coverage: 60.00% of modified lines in pull request are covered.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #2405   +/-   ##
=======================================
  Coverage   92.80%   92.80%           
=======================================
  Files          38       38           
  Lines        4506     4506           
=======================================
  Hits         4182     4182           
  Misses        236      236           
  Partials       88       88
Impacted Files Coverage Δ
middleware/csrf.go 89.42% <33.33%> (ø)
middleware/jwt.go 92.98% <33.33%> (ø)
middleware/cors.go 92.85% <100.00%> (ø)
middleware/key_auth.go 93.42% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@aldas aldas requested a review from lammel February 21, 2023 10:45
@aldas
Copy link
Contributor Author

aldas commented Feb 21, 2023

@lammel ping

lammel
lammel approved these changes Feb 21, 2023
View reviewed changes
Copy link
Contributor

@lammel lammel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.
Nothing to add.

@aldas aldas merged commit f909660 into labstack:master Feb 21, 2023
@aldas aldas mentioned this pull request Feb 23, 2023
Closed
3 tasks
@aldas aldas deleted the cors_wildcardcredential branch July 22, 2023 15:45
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@lammel lammel lammel approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@aldas @lammel