mirror of https://github.com/gophish/gophish
Add CORS support for Reporting Handler (#1529)
* Added response headers for CORS and server identification (#1517) Co-Authored-By: Glenn Wilkinson <glenn.wilkinson@gmail.com>pull/1547/head v0.8.0
parent
1f16c7237d
commit
f95e9554c7
|
@ -161,6 +161,7 @@ func (ps *PhishingServer) TrackHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
// ReportHandler tracks emails as they are reported, updating the status for the given Result
|
// ReportHandler tracks emails as they are reported, updating the status for the given Result
|
||||||
func (ps *PhishingServer) ReportHandler(w http.ResponseWriter, r *http.Request) {
|
func (ps *PhishingServer) ReportHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
r, err := setupContext(r)
|
r, err := setupContext(r)
|
||||||
|
w.Header().Set("Access-Control-Allow-Origin", "*") // To allow Chrome extensions (or other pages) to report a campaign without violating CORS
|
||||||
if err != nil {
|
if err != nil {
|
||||||
// Log the error if it wasn't something we can safely ignore
|
// Log the error if it wasn't something we can safely ignore
|
||||||
if err != ErrInvalidRequest && err != ErrCampaignComplete {
|
if err != ErrInvalidRequest && err != ErrCampaignComplete {
|
||||||
|
@ -203,6 +204,7 @@ func (ps *PhishingServer) PhishHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
http.NotFound(w, r)
|
http.NotFound(w, r)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
w.Header().Set("X-Server", config.ServerName) // Useful for checking if this is a GoPhish server (e.g. for campaign reporting plugins)
|
||||||
var ptx models.PhishingTemplateContext
|
var ptx models.PhishingTemplateContext
|
||||||
// Check for a preview
|
// Check for a preview
|
||||||
if preview, ok := ctx.Get(r, "result").(models.EmailRequest); ok {
|
if preview, ok := ctx.Get(r, "result").(models.EmailRequest); ok {
|
||||||
|
|
Loading…
Reference in New Issue