From 02c4f11619062444642975838d63d62fdfdaefa0 Mon Sep 17 00:00:00 2001
From: NotAShelf <raf@notashelf.dev>
Date: Sat, 7 Mar 2026 12:28:39 +0300
Subject: [PATCH] api/handler: `O(n)` linear scan -> `O(1)` map lookup

Signed-off-by: NotAShelf <raf@notashelf.dev>
Change-Id: Ic2080f59be1eea905e8ca95e90e34d4d6a6a6964
---
 internal/api/handler.go | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/internal/api/handler.go b/internal/api/handler.go
index 851c0ea..1b20c85 100644
--- a/internal/api/handler.go
+++ b/internal/api/handler.go
@@ -24,7 +24,7 @@ type IngestionHandler struct {
 	metricsAgg      *aggregate.MetricsAggregator
 	rateLimiter     *ratelimit.TokenBucket
 	rng             *rand.Rand
-	trustedNetworks []*net.IPNet // Pre-parsed CIDR networks
+	trustedNetworks []*net.IPNet // pre-parsed CIDR networks
 }
 
 // Creates a new ingestion handler
@@ -209,13 +209,8 @@ func (h *IngestionHandler) handleCORS(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// Check if origin is allowed
-	allowed := false
-	for _, allowedOrigin := range h.cfg.Security.CORS.AllowedOrigins {
-		if allowedOrigin == "*" || allowedOrigin == origin {
-			allowed = true
-			break
-		}
-	}
+	// This uses map so that it's O(1)
+	allowed := h.corsOriginMap["*"] || h.corsOriginMap[origin]
 
 	if allowed {
 		if origin == "*" {