[release] v0.9.21
This commit is contained in:
parent
75c0521ad9
commit
525146a210
|
@ -1,4 +1,4 @@
|
||||||
## Version 0.9.20
|
## Version 0.9.20 - 0.9.21
|
||||||
- Add option to disable CORS hardening (with empty value)
|
- Add option to disable CORS hardening (with empty value)
|
||||||
|
|
||||||
## Version 0.9.19
|
## Version 0.9.19
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "cosmos-server",
|
"name": "cosmos-server",
|
||||||
"version": "0.9.20",
|
"version": "0.9.21",
|
||||||
"description": "",
|
"description": "",
|
||||||
"main": "test-server.js",
|
"main": "test-server.js",
|
||||||
"bugs": {
|
"bugs": {
|
||||||
|
|
|
@ -97,12 +97,15 @@ func NewProxy(targetHost string, AcceptInsecureHTTPSTarget bool, VerboseForwardH
|
||||||
proxy.ModifyResponse = func(resp *http.Response) error {
|
proxy.ModifyResponse = func(resp *http.Response) error {
|
||||||
utils.Debug("Response from backend: " + resp.Status)
|
utils.Debug("Response from backend: " + resp.Status)
|
||||||
utils.Debug("URL was " + resp.Request.URL.String())
|
utils.Debug("URL was " + resp.Request.URL.String())
|
||||||
|
|
||||||
if !DisableHeaderHardening {
|
if CORSOrigin != "" {
|
||||||
resp.Header.Del("Access-Control-Allow-Origin")
|
resp.Header.Del("Access-Control-Allow-Origin")
|
||||||
resp.Header.Del("Access-Control-Allow-Methods")
|
resp.Header.Del("Access-Control-Allow-Methods")
|
||||||
resp.Header.Del("Access-Control-Allow-Headers")
|
resp.Header.Del("Access-Control-Allow-Headers")
|
||||||
resp.Header.Del("Access-Control-Allow-Credentials")
|
resp.Header.Del("Access-Control-Allow-Credentials")
|
||||||
|
}
|
||||||
|
|
||||||
|
if !DisableHeaderHardening {
|
||||||
resp.Header.Del("Strict-Transport-Security")
|
resp.Header.Del("Strict-Transport-Security")
|
||||||
resp.Header.Del("X-Content-Type-Options")
|
resp.Header.Del("X-Content-Type-Options")
|
||||||
resp.Header.Del("Content-Security-Policy")
|
resp.Header.Del("Content-Security-Policy")
|
||||||
|
|
Loading…
Reference in a new issue