cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: explicit allow Origin from request

Browse source
This commit is contained in:
Livio Amstutz 2020-08-10 15:49:32 +02:00
parent 5a8e69978f
commit c88e6b4ab3
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
pkg/op/op.go
View file

@ -35,12 +35,16 @@ var DefaultInterceptor = func(h http.HandlerFunc) http.HandlerFunc {
}) })
} }
var allowAllOrigins = func(_ string) bool {
return true
}
func CreateRouter(o OpenIDProvider, h HttpInterceptor) *mux.Router { func CreateRouter(o OpenIDProvider, h HttpInterceptor) *mux.Router {
if h == nil { if h == nil {
h = DefaultInterceptor h = DefaultInterceptor
} }
router := mux.NewRouter() router := mux.NewRouter()
router.Use(handlers.CORS()) router.Use(handlers.CORS(handlers.AllowedOriginValidator(allowAllOrigins)))
router.HandleFunc(healthzEndpoint, Healthz) router.HandleFunc(healthzEndpoint, Healthz)
router.HandleFunc(readinessEndpoint, o.HandleReady) router.HandleFunc(readinessEndpoint, o.HandleReady)
router.HandleFunc(oidc.DiscoveryEndpoint, o.HandleDiscovery) router.HandleFunc(oidc.DiscoveryEndpoint, o.HandleDiscovery)