diff --git a/ginext/cors.go b/ginext/cors.go index 368f52b..cad81a7 100644 --- a/ginext/cors.go +++ b/ginext/cors.go @@ -6,11 +6,14 @@ import ( "strings" ) -func CorsMiddleware(header []string) gin.HandlerFunc { +func CorsMiddleware(allowheader []string, exposeheader []string) gin.HandlerFunc { return func(c *gin.Context) { c.Writer.Header().Set("Access-Control-Allow-Origin", "*") c.Writer.Header().Set("Access-Control-Allow-Credentials", "true") - c.Writer.Header().Set("Access-Control-Allow-Headers", strings.Join(header, ", ")) + c.Writer.Header().Set("Access-Control-Allow-Headers", strings.Join(allowheader, ", ")) + if len(exposeheader) > 0 { + c.Writer.Header().Set("Access-Control-Expose-Headers", strings.Join(exposeheader, ", ")) + } c.Writer.Header().Set("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, PATCH, DELETE, COUNT") if c.Request.Method == "OPTIONS" { diff --git a/ginext/engine.go b/ginext/engine.go index 4daa009..e2c886e 100644 --- a/ginext/engine.go +++ b/ginext/engine.go @@ -22,6 +22,7 @@ type GinWrapper struct { opt Options allowCors bool corsAllowHeader []string + corsExposeHeader []string ginDebug bool bufferBody bool requestTimeout time.Duration @@ -43,6 +44,7 @@ type ginRouteSpec struct { type Options struct { AllowCors *bool // Add cors handler to allow all CORS requests on the default http methods CorsAllowHeader *[]string // override the default values of Access-Control-Allow-Headers (AllowCors must be true) + CorsExposeHeader *[]string // return Access-Control-Expose-Headers (AllowCors must be true) GinDebug *bool // Set gin.debug to true (adds more logs) SuppressGinLogs *bool // Suppress our custom gin logs (even if GinDebug == true) BufferBody *bool // Buffers the input body stream, this way the ginext error handler can later include the whole request body @@ -78,6 +80,7 @@ func NewEngine(opt Options) *GinWrapper { suppressGinLogs: langext.Coalesce(opt.SuppressGinLogs, false), allowCors: langext.Coalesce(opt.AllowCors, false), corsAllowHeader: langext.Coalesce(opt.CorsAllowHeader, []string{"Content-Type", "Content-Length", "Accept-Encoding", "X-CSRF-Token", "Authorization", "accept", "origin", "Cache-Control", "X-Requested-With"}), + corsExposeHeader: langext.Coalesce(opt.CorsExposeHeader, []string{}), ginDebug: ginDebug, bufferBody: langext.Coalesce(opt.BufferBody, false), requestTimeout: langext.Coalesce(opt.Timeout, 24*time.Hour), @@ -90,7 +93,7 @@ func NewEngine(opt Options) *GinWrapper { engine.RedirectTrailingSlash = false if wrapper.allowCors { - engine.Use(CorsMiddleware(wrapper.corsAllowHeader)) + engine.Use(CorsMiddleware(wrapper.corsAllowHeader, wrapper.corsExposeHeader)) } if ginDebug && !wrapper.suppressGinLogs { diff --git a/goextVersion.go b/goextVersion.go index acc4491..cd3b1da 100644 --- a/goextVersion.go +++ b/goextVersion.go @@ -1,5 +1,5 @@ package goext -const GoextVersion = "0.0.486" +const GoextVersion = "0.0.487" -const GoextVersionTimestamp = "2024-07-18T17:29:18+0200" +const GoextVersionTimestamp = "2024-07-18T17:45:56+0200"