From 3e2b152d6e9edc2035ee0b03f85f757f3d0f0b38 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Sun, 13 Jan 2019 23:30:56 +0800 Subject: [PATCH 1/3] Support CORS headers to git smart http protocol --- custom/conf/app.ini.sample | 2 ++ modules/setting/setting.go | 38 ++++++++++++++++++++------------------ routers/repo/http.go | 12 ++++++++++++ 3 files changed, 34 insertions(+), 18 deletions(-) diff --git a/custom/conf/app.ini.sample b/custom/conf/app.ini.sample index 31048f785735c..b8c11cf64f90c 100644 --- a/custom/conf/app.ini.sample +++ b/custom/conf/app.ini.sample @@ -31,6 +31,8 @@ PULL_REQUEST_QUEUE_LENGTH = 1000 PREFERRED_LICENSES = Apache License 2.0,MIT License ; Disable the ability to interact with repositories using the HTTP protocol DISABLE_HTTP_GIT = false +; Value for Access-Control-Allow-Origin header, default is not to present +ACCESS_CONTROL_ALLOW_ORIGIN = ; Force ssh:// clone url instead of scp-style uri when default SSH port is used USE_COMPAT_SSH_URI = false diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 88101937e9b9b..2560c091073ee 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -201,15 +201,16 @@ var ( // Repository settings Repository = struct { - AnsiCharset string - ForcePrivate bool - DefaultPrivate string - MaxCreationLimit int - MirrorQueueLength int - PullRequestQueueLength int - PreferredLicenses []string - DisableHTTPGit bool - UseCompatSSHURI bool + AnsiCharset string + ForcePrivate bool + DefaultPrivate string + MaxCreationLimit int + MirrorQueueLength int + PullRequestQueueLength int + PreferredLicenses []string + DisableHTTPGit bool + AccessControlAllowOrigin string + UseCompatSSHURI bool // Repository editor settings Editor struct { @@ -237,15 +238,16 @@ var ( WorkInProgressPrefixes []string } `ini:"repository.pull-request"` }{ - AnsiCharset: "", - ForcePrivate: false, - DefaultPrivate: RepoCreatingLastUserVisibility, - MaxCreationLimit: -1, - MirrorQueueLength: 1000, - PullRequestQueueLength: 1000, - PreferredLicenses: []string{"Apache License 2.0,MIT License"}, - DisableHTTPGit: false, - UseCompatSSHURI: false, + AnsiCharset: "", + ForcePrivate: false, + DefaultPrivate: RepoCreatingLastUserVisibility, + MaxCreationLimit: -1, + MirrorQueueLength: 1000, + PullRequestQueueLength: 1000, + PreferredLicenses: []string{"Apache License 2.0,MIT License"}, + DisableHTTPGit: false, + AccessControlAllowOrigin: "", + UseCompatSSHURI: false, // Repository editor settings Editor: struct { diff --git a/routers/repo/http.go b/routers/repo/http.go index ec5fbe6c0d336..1728a75fcb201 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -27,6 +27,18 @@ import ( // HTTP implmentation git smart HTTP protocol func HTTP(ctx *context.Context) { + if len(setting.Repository.AccessControlAllowOrigin) > 0 { + // Set CORS headers for browser-based git clients + ctx.Resp.Header().Set("Access-Control-Allow-Origin", setting.Repository.AccessControlAllowOrigin) + ctx.Resp.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, User-Agent") + + // Handle preflight OPTIONS request + if ctx.Req.Method == "OPTIONS" { + ctx.Status(http.StatusOK) + return + } + } + username := ctx.Params(":username") reponame := strings.TrimSuffix(ctx.Params(":reponame"), ".git") From a9a1e4259868b6c1e6090e1f556f9ec6354d8b7b Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Mon, 14 Jan 2019 10:23:40 +0800 Subject: [PATCH 2/3] add warning on app.ini --- custom/conf/app.ini.sample | 1 + 1 file changed, 1 insertion(+) diff --git a/custom/conf/app.ini.sample b/custom/conf/app.ini.sample index b8c11cf64f90c..a6ca758423a1f 100644 --- a/custom/conf/app.ini.sample +++ b/custom/conf/app.ini.sample @@ -32,6 +32,7 @@ PREFERRED_LICENSES = Apache License 2.0,MIT License ; Disable the ability to interact with repositories using the HTTP protocol DISABLE_HTTP_GIT = false ; Value for Access-Control-Allow-Origin header, default is not to present +; WARNING: This maybe harmful to you website if you do not give it a right value. ACCESS_CONTROL_ALLOW_ORIGIN = ; Force ssh:// clone url instead of scp-style uri when default SSH port is used USE_COMPAT_SSH_URI = false From 6d35ba0303e14da085a94374fa53ed238999e12e Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Mon, 14 Jan 2019 15:48:28 -0500 Subject: [PATCH 3/3] Update config-cheat-sheet.en-us.md --- docs/content/doc/advanced/config-cheat-sheet.en-us.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index a1526cf439218..6fe98f809be8a 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -62,6 +62,9 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`. HTTP protocol. - `USE_COMPAT_SSH_URI`: **false**: Force ssh:// clone url instead of scp-style uri when default SSH port is used. +- `ACCESS_CONTROL_ALLOW_ORIGIN`: **\**: Value for Access-Control-Allow-Origin header, + default is not to present. **WARNING**: This maybe harmful to you website if you do not + give it a right value. ### Repository - Pull Request (`repository.pull-request`) - `WORK_IN_PROGRESS_PREFIXES`: **WIP:,\[WIP\]**: List of prefixes used in Pull Request