improve docs

labstack · Jan 3, 2022 · 6f6befe · 6f6befe
1 parent 5b26a52
commit 6f6befe
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/context.go b/context.go
@@ -214,7 +214,7 @@ const (
  // ContextKeyHeaderAllow is set by Router for getting value for `Allow` header in later stages of handler call chain.
  // Allow header is mandatory for status 405 (method not found) and useful for OPTIONS method requests.
  // It is added to context only when Router does not find matching method handler for request.
- ContextKeyHeaderAllow = "____echo____header_allow"
+ ContextKeyHeaderAllow = "echo_header_allow"
 )
 
 const (

diff --git a/echo.go b/echo.go
@@ -192,9 +192,10 @@ const (
 const (
  HeaderAccept = "Accept"
  HeaderAcceptEncoding = "Accept-Encoding"
- // HeaderAllow is header field that lists the set of methods advertised as supported by the target resource.
- // Allow header is mandatory for status 405 (method not found) and useful OPTIONS method responses.
- // See: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1
+ // HeaderAllow is the name of the "Allow" header field used to list the set of methods
+ // advertised as supported by the target resource. Returning an Allow header is mandatory
+ // for status 405 (method not found) and useful for the OPTIONS method in responses.
+ // See RFC 7231: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1
  HeaderAllow = "Allow"
  HeaderAuthorization = "Authorization"
  HeaderContentDisposition = "Content-Disposition"
@@ -305,9 +306,8 @@ var (
  }
 
  MethodNotAllowedHandler = func(c Context) error {
- // 'Allow' header RFC: https://datatracker.ietf.org/doc/html/rfc7231#section-7.4.1
- // >> An origin server MUST generate an Allow field in a 405 (Method Not Allowed) response
- // and MAY do so in any other response.
+ // See RFC 7231 section 7.4.1: An origin server MUST generate an Allow field in a 405 (Method Not Allowed)
+ // response and MAY do so in any other response. For disabled resources an empty Allow header may be returned
  routerAllowMethods, ok := c.Get(ContextKeyHeaderAllow).(string)
  if ok && routerAllowMethods != "" {
  c.Response().Header().Set(HeaderAllow, routerAllowMethods)

diff --git a/middleware/cors.go b/middleware/cors.go
@@ -172,7 +172,7 @@ func CORSWithConfig(config CORSConfig) echo.MiddlewareFunc {
  checkPatterns := false
  if allowOrigin == "" {
  // to avoid regex cost by invalid (long) domains (253 is domain name max limit)
- if len(origin) <= (253+3+4) && strings.Contains(origin, "://") {
+ if len(origin) <= (253+3+5) && strings.Contains(origin, "://") {
  checkPatterns = true
  }
  }