back round 0 view raw

Add CORS top level middleware router to knotserver/ #735

merged
opened by nekomimi.pet targeting master from [deleted fork]: master

To make it easier to get information about tangled repos, CORS need to be enabled on repo knots otherwise browsers will throw a fit. This change adds those headers. I think maybe the auth routes could do without them as right now it just gives it to all the routes.

options
unified split
Changed files
+19
knotserver
middleware.go
router.go
+18
knotserver/middleware.go 
···

       
33

       
 

       
		)


     

       
34

       
 

       
	})


     

       
35

       
 

       
}


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     
···

       
33

       
 

       
		)


     

       
34

       
 

       
	})


     

       
35

       
 

       
}


     

       
36

       
+

       



     

       
37

       
+

       
func (h *Knot) CORS(next http.Handler) http.Handler {


     

       
38

       
+

       
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {


     

       
39

       
+

       
		// Set CORS headers


     

       
40

       
+

       
		w.Header().Set("Access-Control-Allow-Origin", "*")


     

       
41

       
+

       
		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")


     

       
42

       
+

       
		w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")


     

       
43

       
+

       
		w.Header().Set("Access-Control-Max-Age", "86400")


     

       
44

       
+

       



     

       
45

       
+

       
		// Handle preflight requests


     

       
46

       
+

       
		if r.Method == "OPTIONS" {


     

       
47

       
+

       
			w.WriteHeader(http.StatusOK)


     

       
48

       
+

       
			return


     

       
49

       
+

       
		}


     

       
50

       
+

       



     

       
51

       
+

       
		next.ServeHTTP(w, r)


     

       
52

       
+

       
	})


     

       
53

       
+

       
}
+1
knotserver/router.go 
···

       
71

       
 

       
func (h *Knot) Router() http.Handler {


     

       
72

       
 

       
	r := chi.NewRouter()


     

       
73

       
 

       



     

       

       

       
     

       
74

       
 

       
	r.Use(h.RequestLogger)


     

       
75

       
 

       



     

       
76

       
 

       
	r.Get("/", func(w http.ResponseWriter, r *http.Request) {


     
···

       
71

       
 

       
func (h *Knot) Router() http.Handler {


     

       
72

       
 

       
	r := chi.NewRouter()


     

       
73

       
 

       



     

       
74

       
+

       
	r.Use(h.CORS)


     

       
75

       
 

       
	r.Use(h.RequestLogger)


     

       
76

       
 

       



     

       
77

       
 

       
	r.Get("/", func(w http.ResponseWriter, r *http.Request) {