Move cors handler early in the pipeline

author: feistel <6742251-feistel@users.noreply.gitlab.com> 2022-06-14 16:09:04 +0300
committer: feistel <6742251-feistel@users.noreply.gitlab.com> 2022-06-14 16:09:04 +0300
commit: 654fcfc4e6afd78ac712cc2b037b573d67f59c7c (patch)
tree: 34d6a39fa14b45f5e1be76c348d820fffbbd4492 /app.go
parent: 8afcd5fdf3505f00ad6f33f6bd148488b6dc9791 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/app.go b/app.go
index 941b9034..c733668f 100644
--- a/app.go
+++ b/app.go
@@ -137,9 +137,6 @@ func setRequestScheme(r *http.Request) *http.Request {
 func (a *theApp) buildHandlerPipeline() (http.Handler, error) {
 	// Handlers should be applied in a reverse order
 	handler := a.serveFileOrNotFoundHandler()
-	if !a.config.General.DisableCrossOriginRequests {
-		handler = corsHandler.Handler(handler)
-	}
 	handler = a.Auth.AuthorizationMiddleware(handler)
 	handler = routing.NewMiddleware(handler, a.source)
 
@@ -147,6 +144,10 @@ func (a *theApp) buildHandlerPipeline() (http.Handler, error) {
 	handler = a.Auth.AuthenticationMiddleware(handler, a.source)
 	handler = handlers.AcmeMiddleware(handler, a.source, a.config.GitLab.PublicServer)
 
+	if !a.config.General.DisableCrossOriginRequests {
+		handler = corsHandler.Handler(handler)
+	}
+
 	// Add auto redirect
 	handler = handlers.HTTPSRedirectMiddleware(handler, a.config.General.RedirectHTTP)
author	feistel <6742251-feistel@users.noreply.gitlab.com>	2022-06-14 16:09:04 +0300
committer	feistel <6742251-feistel@users.noreply.gitlab.com>	2022-06-14 16:09:04 +0300
commit	654fcfc4e6afd78ac712cc2b037b573d67f59c7c (patch)
tree	34d6a39fa14b45f5e1be76c348d820fffbbd4492 /app.go
parent	8afcd5fdf3505f00ad6f33f6bd148488b6dc9791 (diff)