Return error on bad CORS and add Header specification to API request primitive
This commit is contained in:
Jeff Mitchell
parent
1e3e83f7b0
commit
5817a8a5f8
|
|
@ -14,6 +14,7 @@ type Request struct {
|
|||
Method string
|
||||
URL *url.URL
|
||||
Params url.Values
|
||||
Headers http.Header
|
||||
ClientToken string
|
||||
WrapTTL string
|
||||
Obj interface{}
|
||||
|
|
@ -60,6 +61,14 @@ func (r *Request) ToHTTP() (*http.Request, error) {
|
|||
req.URL.Host = r.URL.Host
|
||||
req.Host = r.URL.Host
|
||||
|
||||
if r.Headers != nil {
|
||||
for header, vals := range r.Headers {
|
||||
for _, val := range vals {
|
||||
req.Header.Add(header, val)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if len(r.ClientToken) != 0 {
|
||||
req.Header.Set("X-Vault-Token", r.ClientToken)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package http
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
|
|
@ -40,7 +41,7 @@ func wrapCORSHandler(h http.Handler, core *vault.Core) http.Handler {
|
|||
// Return a 403 if the origin is not
|
||||
// allowed to make cross-origin requests.
|
||||
if !corsConf.IsValidOrigin(origin) {
|
||||
w.WriteHeader(http.StatusForbidden)
|
||||
respondError(w, http.StatusForbidden, fmt.Errorf("origin not allowed"))
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue