From 4580a95b7490bf88cf696ba73c0542ed50f9fa91 Mon Sep 17 00:00:00 2001 From: Mark Beamer Jr Date: Wed, 10 Mar 2021 20:04:48 -0500 Subject: [PATCH] Add CORS to api server --- extras/api/server.go | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/extras/api/server.go b/extras/api/server.go index 140603b..151415a 100644 --- a/extras/api/server.go +++ b/extras/api/server.go @@ -17,6 +17,9 @@ import ( // ResponseHeaders are returned with each response var ResponseHeaders map[string]string +// CorsDomains Allowed domains for CORS Policy +var CorsDomains []string + // Log allows logging of events and errors var Log = func(*http.Request, *Response, error) {} @@ -78,6 +81,20 @@ func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } } + for _, d := range CorsDomains { + if d == r.Header.Get("origin") { + w.Header().Set("Access-Control-Allow-Origin", d) + vary := w.Header().Get("Vary") + if vary != "*" { + if vary != "" { + vary += ", " + } + vary += "Origin" + } + w.Header().Set("Vary", vary) + } + } + // Stop here if its a preflighted OPTIONS request if r.Method == "OPTIONS" { return