From 7073bea75147f8d4651be57de5275b81a8ecce77 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=81ukasz=20Budnik?= <lukasz.budnik@gmail.com>
Date: Tue, 16 Feb 2021 12:59:42 +0100
Subject: [PATCH] added CORS support

---
 server.go      | 15 ++++++++++++++-
 server_test.go |  4 ++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/server.go b/server.go
index 5be35c2..2bf93cf 100644
--- a/server.go
+++ b/server.go
@@ -26,7 +26,19 @@ type response struct {
 var counter = 0
 var hostname = os.Getenv("HOSTNAME")
 
+func preflight(w http.ResponseWriter, req *http.Request) {
+	w.Header().Set("Access-Control-Allow-Origin", "*")
+	w.Header().Set("Access-Control-Allow-Methods", "*")
+	w.Header().Set("Access-Control-Allow-Headers", "*")
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
+	w.Header().Set("Access-Control-Expose-Headers", "*")
+	w.Header().Set("Access-Control-Max-Age", "600")
+	w.WriteHeader(http.StatusOK)
+}
+
 func handler(w http.ResponseWriter, req *http.Request) {
+	w.Header().Set("Access-Control-Allow-Origin", "*")
+
 	showEnvs := os.Getenv("YOSOY_SHOW_ENVS")
 	showFiles := os.Getenv("YOSOY_SHOW_FILES")
 
@@ -80,7 +92,8 @@ func main() {
 	r := mux.NewRouter()
 
 	r.Handle("/favicon.ico", r.NotFoundHandler)
-	r.PathPrefix("/").HandlerFunc(handler)
+	r.PathPrefix("/").HandlerFunc(preflight).Methods(http.MethodOptions)
+	r.PathPrefix("/").HandlerFunc(handler).Methods(http.MethodGet, http.MethodPut, http.MethodPatch, http.MethodPost, http.MethodDelete, http.MethodConnect, http.MethodHead, http.MethodTrace)
 
 	loggingRouter := handlers.CombinedLoggingHandler(os.Stdout, r)
 	proxyRouter := handlers.ProxyHeaders(loggingRouter)
diff --git a/server_test.go b/server_test.go
index 7bdefda..896b8d1 100644
--- a/server_test.go
+++ b/server_test.go
@@ -32,8 +32,12 @@ func TestHandler(t *testing.T) {
 	var response response
 	json.Unmarshal(rr.Body.Bytes(), &response)
 
+	// test response
 	assert.Equal(t, 1, response.Counter)
 	assert.Equal(t, "example.org", response.Host)
 	assert.NotEmpty(t, response.EnvVariables)
 	assert.NotEmpty(t, response.Files[".gitignore"])
+
+	// test cors
+	assert.Contains(t, rr.HeaderMap["Access-Control-Allow-Origin"], "*")
 }