Add cors max age (#563)

* Add cors max age config * fix comment
openflagr · Jan 1, 2024 · 3e4fb4a · 3e4fb4a
1 parent a2c5f9b
commit 3e4fb4a
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/pkg/config/env.go b/pkg/config/env.go
@@ -77,6 +77,7 @@ var Config = struct {
 	CORSAllowedMethods   []string `env:"FLAGR_CORS_ALLOWED_METHODS" envDefault:"GET,POST,PUT,DELETE,PATCH" envSeparator:","`
 	CORSAllowedOrigins   []string `env:"FLAGR_CORS_ALLOWED_ORIGINS" envDefault:"*" envSeparator:","`
 	CORSExposedHeaders   []string `env:"FLAGR_CORS_EXPOSED_HEADERS" envDefault:"WWW-Authenticate" envSeparator:","`
+	CORSMaxAge           int      `env:"FLAGR_CORS_MAX_AGE" envDefault:"600"`
 
 	// SentryEnabled - enable Sentry and Sentry DSN
 	SentryEnabled     bool   `env:"FLAGR_SENTRY_ENABLED" envDefault:"false"`

diff --git a/pkg/config/middleware.go b/pkg/config/middleware.go
@@ -78,6 +78,7 @@ func SetupGlobalMiddleware(handler http.Handler) http.Handler {
 			ExposedHeaders:   Config.CORSExposedHeaders,
 			AllowedMethods:   Config.CORSAllowedMethods,
 			AllowCredentials: Config.CORSAllowCredentials,
+			MaxAge:           Config.CORSMaxAge,
 		}))
 	}
 
@@ -126,7 +127,7 @@ func setupRecoveryMiddleware() *negroni.Recovery {
 	return r
 }
 
-/**
+/*
 setupJWTAuthMiddleware setup an JWTMiddleware from the ENV config
 */
 func setupJWTAuthMiddleware() *jwtAuth {
@@ -220,7 +221,7 @@ func (a *jwtAuth) ServeHTTP(w http.ResponseWriter, req *http.Request, next http.
 	a.JWTMiddleware.HandlerWithNext(w, req, next)
 }
 
-/**
+/*
 setupBasicAuthMiddleware setup an BasicMiddleware from the ENV config
 */
 func setupBasicAuthMiddleware() *basicAuth {