From dfc2d5e35ca7359d4efe5731f0c31c0acda2aa0c Mon Sep 17 00:00:00 2001 From: yusing Date: Sun, 17 Aug 2025 20:46:26 +0800 Subject: [PATCH] feat(handler): add SkipOriginCheckMiddleware and configuration option to bypass origin checks --- internal/api/handler.go | 17 +++++++++++++++++ internal/common/env.go | 2 ++ 2 files changed, 19 insertions(+) diff --git a/internal/api/handler.go b/internal/api/handler.go index 835bfbbb..0d5fd322 100644 --- a/internal/api/handler.go +++ b/internal/api/handler.go @@ -4,6 +4,7 @@ import ( "net/http" "github.com/gin-gonic/gin" + "github.com/gorilla/websocket" "github.com/rs/zerolog/log" swaggerFiles "github.com/swaggo/files" ginSwagger "github.com/swaggo/gin-swagger" @@ -19,6 +20,7 @@ import ( metricsApi "github.com/yusing/go-proxy/internal/api/v1/metrics" routeApi "github.com/yusing/go-proxy/internal/api/v1/route" "github.com/yusing/go-proxy/internal/auth" + "github.com/yusing/go-proxy/internal/common" ) // @title GoDoxy API @@ -66,6 +68,9 @@ func NewHandler() *gin.Engine { if auth.IsEnabled() { v1.Use(AuthMiddleware()) } + if common.APISkipOriginCheck { + v1.Use(SkipOriginCheckMiddleware()) + } { v1.GET("/favicon", apiV1.FavIcon) v1.GET("/health", apiV1.Health) @@ -152,6 +157,18 @@ func AuthMiddleware() gin.HandlerFunc { } } +func SkipOriginCheckMiddleware() gin.HandlerFunc { + upgrader := &websocket.Upgrader{ + CheckOrigin: func(r *http.Request) bool { + return true + }, + } + return func(c *gin.Context) { + c.Set("upgrader", upgrader) + c.Next() + } +} + func ErrorHandler() gin.HandlerFunc { return func(c *gin.Context) { c.Next() diff --git a/internal/common/env.go b/internal/common/env.go index ddbbffeb..11a10fb9 100644 --- a/internal/common/env.go +++ b/internal/common/env.go @@ -42,6 +42,8 @@ var ( APIUser = GetEnvString("API_USER", "admin") APIPassword = GetEnvString("API_PASSWORD", "password") + APISkipOriginCheck = GetEnvBool("API_SKIP_ORIGIN_CHECK", false) // skip this in UI Demo + DebugDisableAuth = GetEnvBool("DEBUG_DISABLE_AUTH", false) // OIDC Configuration.