-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document differences between upstream github.com/rs/cors and this fork #21
Comments
@VojtechVitek I believe there are even more differences between the libs, including dependency use, but its been a while since I checked. Certainly submit a PR to list the differences, I think that is a good idea |
I checked, and I think in the past rs/cors had some extra dependencies, but those look to have been removed -- either way I prefer to keep this fork |
May I ask what prompted the signature of the allowOriginFunc func(r *http.Request, origin string) bool What do you need the
allowOriginFunc func(w http.ResponseWriter, r *http.Request, origin string) bool or simply allowOriginFunc func(w http.ResponseWriter, r *http.Request) bool since the Perhaps I'm missing the point of having access to the request. I would appreciate your insight. |
Another difference -- this fork was not vulnerable to upstream security issue https://pkg.go.dev/vuln/GO-2024-2883. |
Hi fellow go-chi authors,
I was looking into why we created this fork in the first place.
Note: The upstream repo has a go-chi example at https://github.com/rs/cors/blob/master/examples/chi/server.go.
1. We have introduced this API breaking change:
=> It looks like upstream adopted this change via rs/cors#59
2. We have introduced
cors.Handler()
functionwhich returns middleware via
cors.New(opts).Handler
behind the scenes3. We have removed few functions:
4. Is there anything else I'm missing?
I wonder if you'd be OK with documenting these changes in the main README.
The text was updated successfully, but these errors were encountered: