1package sockjs 2 3import ( 4 "fmt" 5 "net/http" 6 "time" 7) 8 9func xhrCorsFactory(opts Options) func(rw http.ResponseWriter, req *http.Request) { 10 return func(rw http.ResponseWriter, req *http.Request) { 11 header := rw.Header() 12 var corsEnabled bool 13 var corsOrigin string 14 15 if opts.CheckOrigin != nil { 16 corsEnabled = opts.CheckOrigin(req) 17 if corsEnabled { 18 corsOrigin = req.Header.Get("origin") 19 if corsOrigin == "" { 20 corsOrigin = "*" 21 } 22 } 23 } else { 24 corsEnabled = true 25 corsOrigin = opts.Origin 26 if corsOrigin == "" { 27 corsOrigin = req.Header.Get("origin") 28 } 29 if corsOrigin == "" || corsOrigin == "null" { 30 corsOrigin = "*" 31 } 32 } 33 34 if corsEnabled { 35 header.Set("Access-Control-Allow-Origin", corsOrigin) 36 if allowHeaders := req.Header.Get("Access-Control-Request-Headers"); allowHeaders != "" && allowHeaders != "null" { 37 header.Add("Access-Control-Allow-Headers", allowHeaders) 38 } 39 header.Set("Access-Control-Allow-Credentials", "true") 40 } 41 } 42} 43 44func xhrOptions(rw http.ResponseWriter, req *http.Request) { 45 rw.Header().Set("Access-Control-Allow-Methods", "OPTIONS, POST") 46 rw.WriteHeader(http.StatusNoContent) // 204 47} 48 49func cacheFor(rw http.ResponseWriter, req *http.Request) { 50 rw.Header().Set("Cache-Control", fmt.Sprintf("public, max-age=%d", 365*24*60*60)) 51 rw.Header().Set("Expires", time.Now().AddDate(1, 0, 0).Format(time.RFC1123)) 52 rw.Header().Set("Access-Control-Max-Age", fmt.Sprintf("%d", 365*24*60*60)) 53} 54 55func noCache(rw http.ResponseWriter, req *http.Request) { 56 rw.Header().Set("Cache-Control", "no-store, no-cache, must-revalidate, max-age=0") 57} 58 59func welcomeHandler(rw http.ResponseWriter, req *http.Request) { 60 rw.Header().Set("content-type", "text/plain;charset=UTF-8") 61 fmt.Fprint(rw, "Welcome to SockJS!\n") 62} 63 64func httpError(w http.ResponseWriter, error string, code int) { 65 w.Header().Set("Content-Type", "text/plain; charset=utf-8") 66 w.WriteHeader(code) 67 fmt.Fprint(w, error) 68} 69