From 5bd8c2b53d99ab29807ff83b4811487fde16608f Mon Sep 17 00:00:00 2001 From: "n.nakhostin" Date: Mon, 22 Sep 2025 13:08:01 +0330 Subject: [PATCH] Enhance CORS Configuration in HTTP Server Initialization - Updated the CORS middleware configuration in the HTTP server initialization to include additional allowed headers: Origin, Content-Type, Accept, and Authorization. - This enhancement improves the flexibility and security of cross-origin requests, ensuring that necessary headers are accepted for proper API functionality. --- cmd/web/bootstrap/bootstrap.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cmd/web/bootstrap/bootstrap.go b/cmd/web/bootstrap/bootstrap.go index c2d2bbb..0c1d866 100644 --- a/cmd/web/bootstrap/bootstrap.go +++ b/cmd/web/bootstrap/bootstrap.go @@ -89,6 +89,12 @@ func InitHTTPServer(conf Config, log logger.Logger) *echo.Echo { e.Use(middleware.CORSWithConfig(middleware.CORSConfig{ AllowOrigins: []string{"*"}, AllowMethods: []string{echo.GET, echo.POST, echo.PUT, echo.DELETE, echo.OPTIONS, echo.PATCH}, + AllowHeaders: []string{ + echo.HeaderOrigin, + echo.HeaderContentType, + echo.HeaderAccept, + echo.HeaderAuthorization, + }, })) // Add custom middleware for logging