Update dependencies

.github/workflows/go.yml

@@ -11,12 +11,12 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
 
     - name: Set up Go
-      uses: actions/setup-go@v2
+      uses: actions/setup-go@v5
       with:
-        go-version: 1.17
+        go-version: '1.20'
 
     - name: Test
       run: go test -v ./...

cors.go

@@ -11,13 +11,16 @@ const Namespace = "github.com/devopsfaith/krakend-cors"
 
 // Config holds the configuration of CORS
 type Config struct {
-	AllowOrigins     []string
-	AllowMethods     []string
-	AllowHeaders     []string
-	ExposeHeaders    []string
-	AllowCredentials bool
-	MaxAge           time.Duration
-	Debug            bool
+	AllowOrigins         []string
+	AllowMethods         []string
+	AllowHeaders         []string
+	ExposeHeaders        []string
+	AllowCredentials     bool
+	AllowPrivateNetwork  bool
+	OptionsPassthrough   bool
+	OptionsSuccessStatus int
+	MaxAge               time.Duration
+	Debug                bool
 }
 
 // ConfigGetter implements the config.ConfigGetter interface. It parses the extra config an allowed
@@ -35,7 +38,6 @@ func ConfigGetter(e config.ExtraConfig) interface{} {
 
 	cfg := Config{}
 	cfg.AllowOrigins = getList(tmp, "allow_origins")
-
 	cfg.AllowMethods = getList(tmp, "allow_methods")
 	cfg.AllowHeaders = getList(tmp, "allow_headers")
 	cfg.ExposeHeaders = getList(tmp, "expose_headers")
@@ -51,6 +53,22 @@ func ConfigGetter(e config.ExtraConfig) interface{} {
 		cfg.Debug = ok && v
 	}
 
+	if allowPrivateNetwork, ok := tmp["allow_private_network"]; ok {
+		v, ok := allowPrivateNetwork.(bool)
+		cfg.AllowPrivateNetwork = ok && v
+	}
+
+	if optionsPassthrough, ok := tmp["options_passthrough"]; ok {
+		v, ok := optionsPassthrough.(bool)
+		cfg.OptionsPassthrough = ok && v
+	}
+
+	if optionsSuccessStatus, ok := tmp["options_success_status"]; ok {
+		if v, ok := optionsSuccessStatus.(float64); ok {
+			cfg.OptionsSuccessStatus = int(v)
+		}
+	}
+
 	if maxAge, ok := tmp["max_age"]; ok {
 		if d, err := time.ParseDuration(maxAge.(string)); err == nil {
 			cfg.MaxAge = d
@@ -60,7 +78,7 @@ func ConfigGetter(e config.ExtraConfig) interface{} {
 }
 
 func getList(data map[string]interface{}, name string) []string {
-	out := []string{}
+	var out []string
 	if vs, ok := data[name]; ok {
 		if v, ok := vs.([]interface{}); ok {
 			for _, s := range v {

gin/cors.go

@@ -24,13 +24,29 @@ func New(e config.ExtraConfig) gin.HandlerFunc {
 		return nil
 	}
 
+	if len(cfg.AllowOrigins) == 0 {
+		cfg.AllowOrigins = []string{"*"}
+	}
+	if len(cfg.AllowHeaders) == 0 {
+		cfg.AllowHeaders = []string{"*"}
+	}
+	// Maintain the old default value to not change behaviour
+	// the rs/cors new default is to return a 204
+	if cfg.OptionsSuccessStatus == 0 {
+		cfg.OptionsSuccessStatus = 200
+	}
+
 	return wrapper.New(cors.Options{
-		AllowedOrigins:   cfg.AllowOrigins,
-		AllowedMethods:   cfg.AllowMethods,
-		AllowedHeaders:   cfg.AllowHeaders,
-		ExposedHeaders:   cfg.ExposeHeaders,
-		AllowCredentials: cfg.AllowCredentials,
-		MaxAge:           int(cfg.MaxAge.Seconds()),
+		AllowedOrigins:       cfg.AllowOrigins,
+		AllowedMethods:       cfg.AllowMethods,
+		AllowedHeaders:       cfg.AllowHeaders,
+		ExposedHeaders:       cfg.ExposeHeaders,
+		AllowCredentials:     cfg.AllowCredentials,
+		AllowPrivateNetwork:  cfg.AllowPrivateNetwork,
+		OptionsPassthrough:   cfg.OptionsPassthrough,
+		OptionsSuccessStatus: cfg.OptionsSuccessStatus,
+		MaxAge:               int(cfg.MaxAge.Seconds()),
+		Debug:                cfg.Debug,
 	})
 }
 

gin/cors_test.go

@@ -27,7 +27,8 @@ func TestNew(t *testing.T) {
 			}
 		}`)
 	json.Unmarshal(serialized, &sampleCfg)
-	e := gin.Default()
+	gin.SetMode(gin.TestMode)
+	e := gin.New()
 	corsMw := New(sampleCfg)
 	if corsMw == nil {
 		t.Error("The cors middleware should not be nil.\n")
@@ -48,7 +49,7 @@ func TestNew(t *testing.T) {
 		"Vary":                         "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
 		"Access-Control-Allow-Origin":  "http://foobar.com",
 		"Access-Control-Allow-Methods": "GET",
-		"Access-Control-Allow-Headers": "Origin",
+		"Access-Control-Allow-Headers": "origin",
 		"Access-Control-Max-Age":       "7200",
 	})
 }
@@ -60,7 +61,8 @@ func TestAllowOriginWildcard(t *testing.T) {
 			}
 		}`)
 	json.Unmarshal(serialized, &sampleCfg)
-	e := gin.Default()
+	gin.SetMode(gin.TestMode)
+	e := gin.New()
 	corsMw := New(sampleCfg)
 	if corsMw == nil {
 		t.Error("The cors middleware should not be nil.\n")
@@ -81,7 +83,7 @@ func TestAllowOriginWildcard(t *testing.T) {
 		"Vary":                         "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
 		"Access-Control-Allow-Origin":  "*",
 		"Access-Control-Allow-Methods": "GET",
-		"Access-Control-Allow-Headers": "Origin",
+		"Access-Control-Allow-Headers": "origin",
 	})
 }
 
@@ -91,7 +93,8 @@ func TestAllowOriginEmpty(t *testing.T) {
 			}
 		}`)
 	json.Unmarshal(serialized, &sampleCfg)
-	e := gin.Default()
+	gin.SetMode(gin.TestMode)
+	e := gin.New()
 	corsMw := New(sampleCfg)
 	if corsMw == nil {
 		t.Error("The cors middleware should not be nil.\n")
@@ -112,7 +115,7 @@ func TestAllowOriginEmpty(t *testing.T) {
 		"Vary":                         "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
 		"Access-Control-Allow-Origin":  "*",
 		"Access-Control-Allow-Methods": "GET",
-		"Access-Control-Allow-Headers": "Origin",
+		"Access-Control-Allow-Headers": "origin",
 	})
 }
 

go.mod

@@ -1,30 +1,39 @@
 module github.com/krakendio/krakend-cors/v2
 
 require (
-	github.com/gin-gonic/gin v1.7.7
-	github.com/luraproject/lura/v2 v2.0.5
-	github.com/rs/cors v1.6.0
+	github.com/gin-gonic/gin v1.9.1
+	github.com/luraproject/lura/v2 v2.6.3
+	github.com/rs/cors v1.11.0
 )
 
 require (
+	github.com/bytedance/sonic v1.9.1 // indirect
+	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
-	github.com/go-playground/locales v0.14.0 // indirect
-	github.com/go-playground/universal-translator v0.18.0 // indirect
-	github.com/go-playground/validator/v10 v10.9.0 // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/go-playground/validator/v10 v10.14.0 // indirect
+	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
 	github.com/krakendio/flatmap v1.1.1 // indirect
-	github.com/leodido/go-urn v1.2.1 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/leodido/go-urn v1.2.4 // indirect
+	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/ugorji/go/codec v1.2.6 // indirect
+	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
+	github.com/rs/cors/wrapper/gin v0.0.0-20240515105523-1562b1715b35 // indirect
+	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
+	github.com/ugorji/go/codec v1.2.11 // indirect
 	github.com/valyala/fastrand v1.1.0 // indirect
-	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
-	golang.org/x/sys v0.0.0-20211004093028-2c5d950f24ef // indirect
-	golang.org/x/text v0.3.7 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
+	golang.org/x/arch v0.3.0 // indirect
+	golang.org/x/crypto v0.17.0 // indirect
+	golang.org/x/net v0.17.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
-go 1.17
+go 1.20