Commitc00931a

committed

Comment on blank origin

1 parent92db437 commitc00931aCopy full SHA for c00931a

File tree

-3

lines changed

-3

lines changed

Lines changed: 4 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -16,10 +16,11 @@ func authorizeMW(accessURL *url.URL) func(next http.Handler) http.Handler {`
`16`	`16`	`returnfunc(next http.Handler) http.Handler {`
`17`	`17`	`returnhttp.HandlerFunc(func(rw http.ResponseWriter,r*http.Request) {`
`18`	`18`	`origin:=r.Header.Get(httpmw.OriginHeader)`
	`19`	`+// TODO: The origin can be blank from some clients, like cURL. For now`
	`20`	`+// only browser-based auth flow is officially supported but in a future PR`
	`21`	`+// we should support a cURL-based and blank origin flows.`
`19`	`22`	`originU,err:=url.Parse(origin)`
`20`		`-iferr!=nil {`
`21`		`-// TODO: Curl requests will not have this. One idea is to always show`
`22`		`-// html here??`
	`23`	`+iferr!=nil\|\|origin=="" {`
`23`	`24`	`httpapi.Write(r.Context(),rw,http.StatusBadRequest, codersdk.Response{`
`24`	`25`	`Message:"Invalid or missing origin header.",`
`25`	`26`	`Detail:err.Error(),`

Comments

(0)