added cors header

config.yaml

@@ -8,3 +8,6 @@ steam:
   username: steamusername
   api_key: apikey
   rate_per_sec: 1
+
+httpd:
+  cors_allow_domains: '*'

main.go

@@ -127,6 +127,7 @@ func housekeeping() {
 }
 
 func getPlayer(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains)
 	id := mux.Vars(r)["id"]
 	tPlayer, err := utils.GetPlayer(db, id, conf.Steam.APIKey, rL)
 	if err != nil {
@@ -204,6 +205,7 @@ func getPlayer(w http.ResponseWriter, r *http.Request) {
 }
 
 func postPlayerTrackMe(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains)
 	err := r.ParseForm()
 	if err != nil {
 		log.Errorf("[postPlayerTrackMe] %+v", err)
@@ -252,6 +254,7 @@ func postPlayerTrackMe(w http.ResponseWriter, r *http.Request) {
 }
 
 func getMatchParse(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains)
 	shareCode := mux.Vars(r)["sharecode"]
 
 	if shareCode == "" || !utils.ShareCodeRegEx.MatchString(shareCode) {
@@ -268,6 +271,7 @@ func getMatchParse(w http.ResponseWriter, r *http.Request) {
 }
 
 func getMatch(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains)
 	id := mux.Vars(r)["id"]
 
 	if id == "" {

utils/utils.go

@@ -34,6 +34,9 @@ type Conf struct {
 		APIKey        string `yaml:"api_key"`
 		RatePerSecond int    `yaml:"rate_per_sec"`
 	}
+	Httpd struct {
+		CORSAllowDomains string `yaml:"cors_allow_domains"`
+	}
 }
 
 type DBWithLock struct {