From 9acdf285b866cf81d64476f435bd993816217115 Mon Sep 17 00:00:00 2001 From: Maciej Billewicz Date: Wed, 18 Sep 2024 10:35:02 +0200 Subject: [PATCH 1/4] Add logic to override CORS headers --- cache.go | 16 +++++++++++++++- cache_test.go | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+), 1 deletion(-) diff --git a/cache.go b/cache.go index 2ccd42e..1305b85 100644 --- a/cache.go +++ b/cache.go @@ -146,8 +146,9 @@ func (client *Client) Middleware() echo.MiddlewareFunc { } } else { b, ok := client.adapter.Get(key) - response := BytesToResponse(b) if ok { + response := BytesToResponse(b) + response.Header = client.rewriteCorsHeaders(response.Header, c.Response().Header()) if response.Expiration.After(time.Now()) { response.LastAccess = time.Now() response.Frequency++ @@ -209,6 +210,19 @@ func (client *Client) Middleware() echo.MiddlewareFunc { } } +func (client *Client) rewriteCorsHeaders(cachedHeaders http.Header, responseHeaders http.Header) http.Header { + corsHeaders := []string{ + "Access-Control-Allow-Origin", + "Access-Control-Allow-Credentials", + } + for _, h := range corsHeaders { + if val := responseHeaders.Get(h); val != "" { + cachedHeaders.Set(h, val) + } + } + return cachedHeaders +} + func (client *Client) cacheableMethod(method string) bool { for _, m := range client.methods { if method == m { diff --git a/cache_test.go b/cache_test.go index a80c1f4..297c30a 100644 --- a/cache_test.go +++ b/cache_test.go @@ -12,6 +12,7 @@ import ( "testing" "time" + "github.com/coinpaprika/echo-http-cache/adapter/memory" "github.com/labstack/echo/v4" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -231,6 +232,51 @@ func TestMiddleware(t *testing.T) { } } +func TestCorsHeaders(t *testing.T) { + e := echo.New() + + handler := func(c echo.Context) error { + return c.String(http.StatusOK, "ok") + } + memoryAdapter, err := memory.NewAdapter() + require.NoError(t, err) + + client, _ := NewClient( + ClientWithAdapter(memoryAdapter), + ClientWithTTL(1*time.Minute), + ) + + cacheMiddleware := client.Middleware() + + req, err := http.NewRequest(http.MethodGet, "/test", nil) + require.NoError(t, err) + rec := httptest.NewRecorder() + + // simulate CORS middleware + rec.Header().Add("Access-Control-Allow-Origin", "http://localhost:8181") + rec.Header().Add("Access-Control-Allow-Credentials", "true") + + c := e.NewContext(req, rec) + _ = cacheMiddleware(handler)(c) + + assert.Equal(t, "http://localhost:8181", rec.Header().Get("Access-Control-Allow-Origin")) + assert.Equal(t, "true", rec.Header().Get("Access-Control-Allow-Credentials")) + + secondRec := httptest.NewRecorder() + + // simulate CORS middleware + secondRec.Header().Add("Access-Control-Allow-Origin", "http://coinpaprika.com") + secondRec.Header().Add("Access-Control-Allow-Credentials", "true") + + secondC := e.NewContext(req, secondRec) + _ = cacheMiddleware(handler)(secondC) + + assert.Equal(t, "http://coinpaprika.com", secondRec.Header().Get("Access-Control-Allow-Origin")) + assert.Equal(t, "true", secondRec.Header().Get("Access-Control-Allow-Credentials")) + time.Sleep(time.Second) +} + + func TestRestrictedPaths(t *testing.T) { tests := []struct { name string From a187ec3c0bff9c10d14ea695330c79013f1f8fb0 Mon Sep 17 00:00:00 2001 From: Maciej Billewicz Date: Wed, 18 Sep 2024 11:19:01 +0200 Subject: [PATCH 2/4] Fix overvflow in tests --- adapter/disk/disk_test.go | 4 ++++ adapter/memory/memory_test.go | 4 ++++ adapter/redis/redis_test.go | 4 ++++ cache_test.go | 1 - 4 files changed, 12 insertions(+), 1 deletion(-) diff --git a/adapter/disk/disk_test.go b/adapter/disk/disk_test.go index 8148015..ef36c16 100644 --- a/adapter/disk/disk_test.go +++ b/adapter/disk/disk_test.go @@ -146,6 +146,10 @@ var adapter, _ = NewAdapter(WithDirectory("./tmp/cache")) func BenchmarkSet(b *testing.B) { for i := 0; i < b.N; i++ { + // prevent cast to uint64 overflow + if i < 0 { + b.FailNow() + } _ = adapter.Set(uint64(i), make([]byte, 100), time.Now().Add(1*time.Minute)) adapter.Get(uint64(i)) } diff --git a/adapter/memory/memory_test.go b/adapter/memory/memory_test.go index 6c8c5f0..14f13e3 100644 --- a/adapter/memory/memory_test.go +++ b/adapter/memory/memory_test.go @@ -146,6 +146,10 @@ var adapter, _ = NewAdapter() func BenchmarkSet(b *testing.B) { for i := 0; i < b.N; i++ { + // prevent cast to uint64 overflow + if i < 0 { + b.FailNow() + } _ = adapter.Set(uint64(i), make([]byte, 100), time.Now().Add(1*time.Minute)) adapter.Get(uint64(i)) } diff --git a/adapter/redis/redis_test.go b/adapter/redis/redis_test.go index 4b4426c..6afc996 100644 --- a/adapter/redis/redis_test.go +++ b/adapter/redis/redis_test.go @@ -163,6 +163,10 @@ var adapter = NewAdapter(&RingOptions{ func BenchmarkSet(b *testing.B) { for i := 0; i < b.N; i++ { + // prevent cast to uint64 overflow + if i < 0 { + b.FailNow() + } _ = adapter.Set(uint64(i), make([]byte, 100), time.Now().Add(1*time.Minute)) } } diff --git a/cache_test.go b/cache_test.go index 297c30a..25c8e5e 100644 --- a/cache_test.go +++ b/cache_test.go @@ -276,7 +276,6 @@ func TestCorsHeaders(t *testing.T) { time.Sleep(time.Second) } - func TestRestrictedPaths(t *testing.T) { tests := []struct { name string From 9a43a8c459f417e040c64685eed8e469467f9924 Mon Sep 17 00:00:00 2001 From: Maciej Billewicz Date: Wed, 18 Sep 2024 11:21:40 +0200 Subject: [PATCH 3/4] Udpate deps --- go.mod | 16 ++++++++-------- go.sum | 39 ++++++++++++++++----------------------- 2 files changed, 24 insertions(+), 31 deletions(-) diff --git a/go.mod b/go.mod index 65eaa53..85ae2e9 100644 --- a/go.mod +++ b/go.mod @@ -5,11 +5,11 @@ go 1.19 require ( github.com/go-redis/cache/v8 v8.4.4 github.com/go-redis/redis/v8 v8.11.5 - github.com/labstack/echo/v4 v4.11.1 - github.com/labstack/gommon v0.4.0 + github.com/labstack/echo/v4 v4.12.0 + github.com/labstack/gommon v0.4.2 github.com/patrickmn/go-cache v2.1.0+incompatible github.com/peterbourgon/diskv v2.0.1+incompatible - github.com/stretchr/testify v1.8.4 + github.com/stretchr/testify v1.9.0 ) require ( @@ -24,16 +24,16 @@ require ( github.com/google/btree v1.1.2 // indirect github.com/klauspost/compress v1.13.6 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.19 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/valyala/bytebufferpool v1.0.0 // indirect github.com/valyala/fasttemplate v1.2.2 // indirect github.com/vmihailenco/msgpack/v5 v5.3.4 // indirect - golang.org/x/crypto v0.11.0 // indirect + golang.org/x/crypto v0.22.0 // indirect golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 - golang.org/x/net v0.12.0 // indirect + golang.org/x/net v0.24.0 // indirect golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect - golang.org/x/sys v0.11.0 // indirect - golang.org/x/text v0.11.0 // indirect + golang.org/x/sys v0.19.0 // indirect + golang.org/x/text v0.14.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index bcc5c5f..c990140 100644 --- a/go.sum +++ b/go.sum @@ -42,17 +42,15 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/labstack/echo/v4 v4.11.1 h1:dEpLU2FLg4UVmvCGPuk/APjlH6GDpbEPti61srUUUs4= -github.com/labstack/echo/v4 v4.11.1/go.mod h1:YuYRTSM3CHs2ybfrL8Px48bO6BAnYIN4l8wSTMP6BDQ= -github.com/labstack/gommon v0.4.0 h1:y7cvthEAEbU0yHOf4axH8ZG2NH8knB9iNSoTO8dyIk8= -github.com/labstack/gommon v0.4.0/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM= -github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= +github.com/labstack/echo/v4 v4.12.0 h1:IKpw49IMryVB2p1a4dzwlhP1O2Tf2E0Ir/450lH+kI0= +github.com/labstack/echo/v4 v4.12.0/go.mod h1:UP9Cr2DJXbOK3Kr9ONYzNowSh7HP0aG0ShAyycHSJvM= +github.com/labstack/gommon v0.4.2 h1:F8qTUNXgG1+6WQmqoUWnz8WiEU60mXVVw0P4ht1WRA0= +github.com/labstack/gommon v0.4.2/go.mod h1:QlUFxVM+SNXhDL/Z7YhocGIBYOiwB0mXm1+1bAPHPyU= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= @@ -76,11 +74,10 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= -github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo= github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= github.com/vmihailenco/go-tinylfu v0.2.2 h1:H1eiG6HM36iniK6+21n9LLpzx1G9R3DJa2UjUjbynsI= @@ -93,8 +90,8 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA= -golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 h1:m64FZMko/V45gv0bNmrNYoDEq8U5YUhetc9cBWKS1TQ= golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63/go.mod h1:0v4NqG35kSWCMzLaMeX+IQrlSnVE/bqGSyC2cz/9Le8= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -104,8 +101,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50= -golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -122,19 +119,16 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= -golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= -golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -164,6 +158,5 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= From edbca89417134fe9ea87b9bda59ce85ecb669df7 Mon Sep 17 00:00:00 2001 From: Maciej Billewicz Date: Wed, 18 Sep 2024 16:48:51 +0200 Subject: [PATCH 4/4] Add origin to cache key --- cache.go | 20 +++----------------- cache_test.go | 2 ++ 2 files changed, 5 insertions(+), 17 deletions(-) diff --git a/cache.go b/cache.go index 1305b85..e5b84b8 100644 --- a/cache.go +++ b/cache.go @@ -122,7 +122,7 @@ func (client *Client) Middleware() echo.MiddlewareFunc { } if client.cacheableMethod(c.Request().Method) { sortURLParams(c.Request().URL) - key := generateKey(c.Request().URL.String()) + key := generateKey(c.Request().URL.String() + c.Request().Header.Get(echo.HeaderOrigin)) if c.Request().Method == http.MethodPost && c.Request().Body != nil { body, err := io.ReadAll(c.Request().Body) defer c.Request().Body.Close() @@ -130,7 +130,7 @@ func (client *Client) Middleware() echo.MiddlewareFunc { return next(c) } reader := io.NopCloser(bytes.NewBuffer(body)) - key = generateKeyWithBody(c.Request().URL.String(), body) + key = generateKeyWithBody(c.Request().URL.String()+c.Request().Header.Get(echo.HeaderOrigin), body) c.Request().Body = reader } @@ -139,7 +139,7 @@ func (client *Client) Middleware() echo.MiddlewareFunc { delete(params, client.refreshKey) c.Request().URL.RawQuery = params.Encode() - key = generateKey(c.Request().URL.String()) + key = generateKey(c.Request().URL.String() + c.Request().Header.Get(echo.HeaderOrigin)) if err := client.adapter.Release(key); err != nil { log.Error(err) @@ -148,7 +148,6 @@ func (client *Client) Middleware() echo.MiddlewareFunc { b, ok := client.adapter.Get(key) if ok { response := BytesToResponse(b) - response.Header = client.rewriteCorsHeaders(response.Header, c.Response().Header()) if response.Expiration.After(time.Now()) { response.LastAccess = time.Now() response.Frequency++ @@ -210,19 +209,6 @@ func (client *Client) Middleware() echo.MiddlewareFunc { } } -func (client *Client) rewriteCorsHeaders(cachedHeaders http.Header, responseHeaders http.Header) http.Header { - corsHeaders := []string{ - "Access-Control-Allow-Origin", - "Access-Control-Allow-Credentials", - } - for _, h := range corsHeaders { - if val := responseHeaders.Get(h); val != "" { - cachedHeaders.Set(h, val) - } - } - return cachedHeaders -} - func (client *Client) cacheableMethod(method string) bool { for _, m := range client.methods { if method == m { diff --git a/cache_test.go b/cache_test.go index 25c8e5e..9c10c53 100644 --- a/cache_test.go +++ b/cache_test.go @@ -252,6 +252,7 @@ func TestCorsHeaders(t *testing.T) { require.NoError(t, err) rec := httptest.NewRecorder() + req.Header.Set("Origin", "http://localhost:8181") // simulate CORS middleware rec.Header().Add("Access-Control-Allow-Origin", "http://localhost:8181") rec.Header().Add("Access-Control-Allow-Credentials", "true") @@ -264,6 +265,7 @@ func TestCorsHeaders(t *testing.T) { secondRec := httptest.NewRecorder() + req.Header.Set("Origin", "http://coinpaprika.com") // simulate CORS middleware secondRec.Header().Add("Access-Control-Allow-Origin", "http://coinpaprika.com") secondRec.Header().Add("Access-Control-Allow-Credentials", "true")