rs/cors

Issues

• Some malicious/spoofed preflight requests cause prohibitive load

  #170 opened 8 months ago by jub0bs
  3

• Regression of PR #141 AWS API Gateway support

  #184 opened 4 months ago by cblackcom
  21

• Does It is possible to provide allowedOrigin patterns?

  #193 opened 3 months ago by tamtakoe
  5

• [v0.11.0] `Access-Control-Request-Headers` is matched as-is, without normalization.

  #183 opened 4 months ago by stonedu1011
  15

• GIN: cannot use CORS middleware with router groups

  #102 opened 9 months ago by samber
  9

• Wildcard support for AllowedHeaders or add AllowedHeadersFunc

  #179 opened 4 months ago by kilgaloon
  3

• Bump go directive

  #187 opened 4 months ago by jub0bs
  0

• 405 on OPTIONS preflight

  #185 opened 4 months ago by udf2457
  4

• AllowOriginVaryRequestFunc support for adding values to request context

  #182 opened 5 months ago by mackinleysmith
  4

• v1.11.0 version forces all headers to be lowercase

  #181 opened 5 months ago by jwongmongodb
  0

• Missing origin error

  #93 opened 6 months ago by DogAndHerDude
  17

• Arbitrary origin allowed in CORS header

  #177 opened 7 months ago by Ashish-walkingn8mare
  1

• Case-sensitive look up on allowed headers map

  #176 opened 8 months ago by EmmEff
  4

• Implement the Strict-Transport-Security header with its rules.

  #105 opened 4 years ago by gonzalezlrjesus
  2

• cors not adding multiple Access-Control-Allow-Origin entries

  #172 opened 8 months ago by udf2457
  2

• failing local test since v1.11.0

  #174 opened 8 months ago by alicebob
  3

• gin wrapper default status

  #145 opened 8 months ago by Limm-jk
  1

• [Feature Request] AllowCredentialsFunc: boolean,

  #162 opened 8 months ago by reginbald
  2

• Unexpected response when requesting with multiple comma separated origins and wildcard AllowedOrigins

  #131 opened 2 years ago by latonz
  6

• AllowedOrigins doesn't block unlisted origins

  #167 opened 10 months ago by Nightsee
  2

• .

  #168 opened 10 months ago by mirashanouda
  0

• Middleware benchmarks are still skewed (follow-up to #156)

  #165 opened a year ago by jub0bs
  0

• Returning http status codes - CORS always reports access-control-allow-origin

  #104 opened a year ago by lsgroup
  2

• Allowing methods that are not uppercase should be possible but isn't

  #158 opened a year ago by jub0bs
  5

• Unexpected `Access-Control-Expose-Headers` header behavior

  #159 opened a year ago by chrismeyers
  2

• How to use with DefaultServeMux

  #96 opened a year ago by sammy
  4

• AllowOriginRequestFunc considered harmful (may lead to Web cache poisoning)

  #157 opened a year ago by jub0bs
  2

• gocover.io has shut down

  #142 opened a year ago by jub0bs
  1

• Listing Origin as an allowed request header is unnecessary

  #151 opened a year ago by jub0bs
  4

• No way to disable caching of preflight responses

  #152 opened a year ago by jub0bs
  1

• goa example

  #91 opened a year ago
  1

• CORS request not applying correct on backend

  #106 opened a year ago by mjubil1
  6

• security issue: should not allow rejected requests to go forward

  #129 opened a year ago by localvar
  4

• Problem with .local url

  #122 opened a year ago by spartakos87
  3

• Mux and Cors

  #88 opened a year ago by mazdak78
  1

• Access-Control-Expose-Headers should be sent in preflight response

  #153 opened a year ago by damien-talos
  2

• Will support fasthttp router?

  #125 opened 3 years ago by matianhe3
  0

• [help] Access-Control-Allow-Credentials: true, Access-Control-Allow-Origin cannot be *, but I did not find the corresponding implementation

  #117 opened 3 years ago by rentiansheng
  4

• AllowCredentials should be true in AllowAll()

  #98 opened 3 years ago by mcluseau
  1

• publish latest code

  #116 opened 3 years ago by missinglink
  1

• public isOriginAllowed ?

  #114 opened 4 years ago by alicebob
  2

• Why add Vary: origin, ACRM, ACRH in preflight response?

  #113 opened 4 years ago by mateusz834
  1

• negroni example not apply cors header

  #111 opened 4 years ago by ZedCode
  2

• Negroni Example Doesn't apply cors headers

  #109 opened 4 years ago by ZedCode
  3

• cors header not applying with Negroni example

  #110 opened 4 years ago by ZedCode
  0

• CORS allow missing origin for a specific call?

  #107 opened 4 years ago by hkdb
  1

• The dot character as part of header keys is broking the preflighted requests

  #99 opened 4 years ago by Ariel-dono
  8

• exact same code from iris cors middleware

  #100 opened 5 years ago by WLun001
  1

• HandlePreflight not generating any headers

  #97 opened 5 years ago by mar1n3r0
  1

• Are all these dependencies actually required in the root package?

  #92 opened 5 years ago by h2non
  4