diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 69dfc893782a9..64c4b47a6456a 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -75,7 +75,6 @@ import ( "code.gitea.io/gitea/routers/api/v1/user" "gitea.com/macaron/binding" - "gitea.com/macaron/cors" "gitea.com/macaron/macaron" ) @@ -502,12 +501,6 @@ func RegisterRoutes(m *macaron.Macaron) { m.Get("/swagger", misc.Swagger) //Render V1 by default } - var handlers []macaron.Handler - if setting.EnableCORS { - handlers = append(handlers, cors.CORS(setting.CORSConfig)) - } - handlers = append(handlers, securityHeaders(), context.APIContexter(), sudo()) - m.Group("/v1", func() { // Miscellaneous if setting.API.EnableSwagger { @@ -853,7 +846,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/topics", func() { m.Get("/search", repo.TopicSearch) }) - }, handlers...) + }, securityHeaders(), context.APIContexter(), sudo()) } func securityHeaders() macaron.Handler { diff --git a/routers/routes/routes.go b/routers/routes/routes.go index 5774c65eca03b..8c329a5f6f447 100644 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -41,6 +41,7 @@ import ( "gitea.com/macaron/binding" "gitea.com/macaron/cache" "gitea.com/macaron/captcha" + "gitea.com/macaron/cors" "gitea.com/macaron/csrf" "gitea.com/macaron/i18n" "gitea.com/macaron/macaron" @@ -951,9 +952,14 @@ func RegisterRoutes(m *macaron.Macaron) { m.Get("/swagger.v1.json", templates.JSONRenderer(), routers.SwaggerV1Json) } + var handlers []macaron.Handler + if setting.EnableCORS { + handlers = append(handlers, cors.CORS(setting.CORSConfig)) + } + handlers = append(handlers, ignSignIn) m.Group("/api", func() { apiv1.RegisterRoutes(m) - }, ignSignIn) + }, handlers...) m.Group("/api/internal", func() { // package name internal is ideal but Golang is not allowed, so we use private as package name.