From 2ad7b848dc78e6ab91fce84e533a875ef8e884d9 Mon Sep 17 00:00:00 2001 From: Giovanni Harting <539@idlegandalf.com> Date: Sat, 23 Oct 2021 22:33:32 +0200 Subject: [PATCH] switched up cors handling --- config_example.yaml | 3 ++- main.go | 13 +++---------- utils/utils.go | 2 +- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/config_example.yaml b/config_example.yaml index baf5a6b..4a6c5ba 100644 --- a/config_example.yaml +++ b/config_example.yaml @@ -23,7 +23,8 @@ redis: password: "" httpd: - cors_allow_domains: '*' + cors_allow_domains: + - '*' listen: - host: localhost port: 8000 diff --git a/main.go b/main.go index cfd5331..f42e2a7 100644 --- a/main.go +++ b/main.go @@ -148,7 +148,6 @@ func housekeeping() { } func getPlayerMeta(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains) id := mux.Vars(r)["id"] l := mux.Vars(r)["limit"] @@ -206,7 +205,6 @@ func getPlayerMeta(w http.ResponseWriter, r *http.Request) { } func getPlayer(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains) id := mux.Vars(r)["id"] t := mux.Vars(r)["time"] @@ -365,7 +363,6 @@ func getPlayer(w http.ResponseWriter, r *http.Request) { } func deletePlayerTrack(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains) err := r.ParseForm() if err != nil { log.Infof("[DPT] Unable to parse form data: %v", err) @@ -416,7 +413,6 @@ func deletePlayerTrack(w http.ResponseWriter, r *http.Request) { } func postPlayerTrack(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains) err := r.ParseForm() if err != nil { log.Infof("[PPT] Unable to parse form data: %v", err) @@ -481,7 +477,6 @@ func postPlayerTrack(w http.ResponseWriter, r *http.Request) { } func getMatchParse(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains) shareCode := mux.Vars(r)["sharecode"] if shareCode == "" || !utils.ShareCodeRegEx.MatchString(shareCode) { @@ -503,7 +498,6 @@ func getMatchParse(w http.ResponseWriter, r *http.Request) { } func getMatchRounds(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains) id := mux.Vars(r)["id"] if id == "" { @@ -555,7 +549,6 @@ func getMatchRounds(w http.ResponseWriter, r *http.Request) { } func getMatchWeapons(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains) id := mux.Vars(r)["id"] if id == "" { @@ -622,7 +615,6 @@ func getMatchWeapons(w http.ResponseWriter, r *http.Request) { } func getMatch(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Access-Control-Allow-Origin", conf.Httpd.CORSAllowDomains) id := mux.Vars(r)["id"] if id == "" { @@ -854,6 +846,7 @@ func main() { router.Use(mux.CORSMethodMiddleware(router)) loggedRouter := handlers.LoggingHandler(os.Stdout, router) proxyRouter := handlers.ProxyHeaders(loggedRouter) + cors := handlers.CORS(handlers.AllowedOrigins(conf.Httpd.CORSAllowDomains)) log.Info("Start listening...") @@ -867,7 +860,7 @@ func main() { } sockets = append(sockets, sL) go func() { - _ = http.Serve(sL, proxyRouter) + _ = http.Serve(sL, cors(proxyRouter)) }() } else { tL, err := net.Listen("tcp", fmt.Sprintf("%s:%d", l.Host, l.Port)) @@ -875,7 +868,7 @@ func main() { log.Fatalf("Failure listing on %s:%d: %v", l.Host, l.Port, err) } go func() { - err = http.Serve(tL, proxyRouter) + err = http.Serve(tL, cors(proxyRouter)) if err != nil { log.Fatalf("Failure serving on %s:%d: %v", l.Host, l.Port, err) } diff --git a/utils/utils.go b/utils/utils.go index 83e0bbc..77ecc6c 100644 --- a/utils/utils.go +++ b/utils/utils.go @@ -51,7 +51,7 @@ type Conf struct { Password string } Httpd struct { - CORSAllowDomains string `yaml:"cors_allow_domains"` + CORSAllowDomains []string `yaml:"cors_allow_domains"` Listen []struct { Socket string Host string