Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var CorsFilter = func(c *revel.Controller, fc []revel.Filter) { if c.Request.Method == "OPTIONS" { c.Response.Out.Header().Add("Access-Control-Allow-Methods", strings.Join(c.Request.Header["Access-Control-Request-Method"], ",")) c.Response.Out.Header().Add("Access-Control-Allow-Headers", strings.Join(c.Request.Header["Access-Control-Request-Headers"], ",")) c.Response.Out.Header().Add("Access-Control-Allow-Origin", strings.Join(c.Request.Header["Origin"], ",")) c.Response.Out.Header().Add("Access-Control-Allow-Credentials", "true") c.RenderJson("{foo}") } else { fc[0](c, fc[1:]) } }
View Source
var HeaderFilter = func(c *revel.Controller, fc []revel.Filter) { c.Response.Out.Header().Add("X-Frame-Options", "SAMEORIGIN") c.Response.Out.Header().Add("X-XSS-Protection", "1; mode=block") c.Response.Out.Header().Add("X-Content-Type-Options", "nosniff") c.Response.Out.Header().Add("Access-Control-Allow-Origin", strings.Join(c.Request.Header["Origin"], ",")) c.Response.Out.Header().Add("Access-Control-Allow-Credentials", "true") fc[0](c, fc[1:]) }
TODO turn this into revel.HeaderFilter should probably also have a filter for CSRF not sure if it can go in the same filter or not
Functions ¶
This section is empty.
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.