NeoAnd/evolution-audio-converter
1
0
Fork 0
mirror of https://github.com/EvolutionAPI/evolution-audio-converter.git synced 2025-07-13 15:14:50 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: allow origins

Browse Source
This commit is contained in:
Davidson Gomes 2024-11-13 18:45:34 -03:00
parent 0b1a2cbf6d
commit 2773e4749d
1 changed files with 22 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
main.go
View File

@ -52,8 +52,10 @@ func init() {
allowOriginsEnv := os.Getenv("CORS_ALLOW_ORIGINS") allowOriginsEnv := os.Getenv("CORS_ALLOW_ORIGINS")
if allowOriginsEnv != "" { if allowOriginsEnv != "" {
allowedOrigins = strings.Split(allowOriginsEnv, ",") allowedOrigins = strings.Split(allowOriginsEnv, ",")
fmt.Printf("Origens permitidas: %v\n", allowedOrigins)
} else { } else {
allowedOrigins = []string{"*"} allowedOrigins = []string{"*"}
fmt.Println("Nenhuma origem específica configurada, permitindo todas (*)")
} }
} }
@ -182,43 +184,56 @@ func processAudio(c *gin.Context) {
} }
func validateOrigin(origin string) bool { func validateOrigin(origin string) bool {
fmt.Printf("Validando origem: %s\n", origin)
fmt.Printf("Origens permitidas: %v\n", allowedOrigins)
if len(allowedOrigins) == 0 { if len(allowedOrigins) == 0 {
return true return true
} }
if origin == "" { if origin == "" {
return false return true
} }
for _, allowed := range allowedOrigins { for _, allowed := range allowedOrigins {
allowed = strings.TrimSpace(allowed)
if allowed == "*" { if allowed == "*" {
return true return true
} }
if allowed == origin { if allowed == origin {
fmt.Printf("Origem %s corresponde a %s\n", origin, allowed)
return true return true
} }
} }
fmt.Printf("Origem %s não encontrada nas permitidas\n", origin)
return false return false
} }
func originMiddleware() gin.HandlerFunc { func originMiddleware() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
origin := c.Request.Header.Get("Origin") origin := c.Request.Header.Get("Origin")
fmt.Printf("\n=== Debug CORS ===\n")
fmt.Printf("Origin recebido: %s\n", origin)
fmt.Printf("Headers completos: %+v\n", c.Request.Header)
fmt.Printf("Origens permitidas: %v\n", allowedOrigins)
fmt.Printf("=================\n")
if origin == "" { if origin == "" {
origin = c.Request.Header.Get("Referer") origin = c.Request.Header.Get("Referer")
if origin != "" { fmt.Printf("Origin vazio, usando Referer: %s\n", origin)
if i := strings.Index(origin[8:], "/"); i != -1 {
origin = origin[:i+8]
}
}
} }
if !validateOrigin(origin) { if !validateOrigin(origin) {
fmt.Printf("❌ Origem rejeitada: %s\n", origin)
c.JSON(http.StatusForbidden, gin.H{"error": "Origem não permitida"}) c.JSON(http.StatusForbidden, gin.H{"error": "Origem não permitida"})
c.Abort() c.Abort()
return return
} }
fmt.Printf("✅ Origem aceita: %s\n", origin)
c.Next() c.Next()
} }
} }
@ -235,6 +250,7 @@ func main() {
config.AllowOrigins = allowedOrigins config.AllowOrigins = allowedOrigins
config.AllowMethods = []string{"POST", "GET", "OPTIONS"} config.AllowMethods = []string{"POST", "GET", "OPTIONS"}
config.AllowHeaders = []string{"Origin", "Content-Type", "Accept", "Authorization", "apikey"} config.AllowHeaders = []string{"Origin", "Content-Type", "Accept", "Authorization", "apikey"}
config.AllowCredentials = true
router.Use(cors.New(config)) router.Use(cors.New(config))
router.Use(originMiddleware()) router.Use(originMiddleware())