Skip to content
Snippets Groups Projects

security: remove duplicated code in CORS handling

Merged security: remove duplicated code in CORS handling
sg/public-api-refactor-2 into main
Merged Warren Gifford requested to merge sg/public-api-refactor-2 into main

Created by: slimsag

Stacked on top of #27295

isTrustedOrigin is a defined function which checks whether or not a request comes from a trusted origin or not, but prior to this change we had the same exact logic duplicated in our CORS handling method in order to determine if we should send Access-Control-Allow-Origin back to the client with the origin the request came from.

Much clearer to reuse the same code, and reduces the surface area that bugs could arise in.

Signed-off-by: Stephen Gutekanst stephen@sourcegraph.com

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
Please register or sign in to reply