Backport #16524 Set AllowedHeaders on API CORS handler and add missing Access-Control-Expose-Headers to pull API. Fix #16100 Signed-off-by: Andrew Thornton <art27@cantab.net>release/v1.15
parent
719e2f26d5
commit
c47065cc29
|
@ -569,6 +569,7 @@ func Routes() *web.Route {
|
||||||
//setting.CORSConfig.AllowSubdomain // FIXME: the cors middleware needs allowSubdomain option
|
//setting.CORSConfig.AllowSubdomain // FIXME: the cors middleware needs allowSubdomain option
|
||||||
AllowedMethods: setting.CORSConfig.Methods,
|
AllowedMethods: setting.CORSConfig.Methods,
|
||||||
AllowCredentials: setting.CORSConfig.AllowCredentials,
|
AllowCredentials: setting.CORSConfig.AllowCredentials,
|
||||||
|
AllowedHeaders: []string{"Authorization", "X-CSRFToken", "X-Gitea-OTP"},
|
||||||
MaxAge: int(setting.CORSConfig.MaxAge.Seconds()),
|
MaxAge: int(setting.CORSConfig.MaxAge.Seconds()),
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
|
|
|
@ -1254,5 +1254,6 @@ func GetPullRequestCommits(ctx *context.APIContext) {
|
||||||
ctx.Header().Set("X-Total-Count", fmt.Sprintf("%d", totalNumberOfCommits))
|
ctx.Header().Set("X-Total-Count", fmt.Sprintf("%d", totalNumberOfCommits))
|
||||||
ctx.Header().Set("X-PageCount", strconv.Itoa(totalNumberOfPages))
|
ctx.Header().Set("X-PageCount", strconv.Itoa(totalNumberOfPages))
|
||||||
ctx.Header().Set("X-HasMore", strconv.FormatBool(listOptions.Page < totalNumberOfPages))
|
ctx.Header().Set("X-HasMore", strconv.FormatBool(listOptions.Page < totalNumberOfPages))
|
||||||
|
ctx.Header().Set("Access-Control-Expose-Headers", "X-Total-Count, X-PerPage, X-Total, X-PageCount, X-HasMore, Link")
|
||||||
ctx.JSON(http.StatusOK, &apiCommits)
|
ctx.JSON(http.StatusOK, &apiCommits)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue