feat(http): add flag/config to allow CORS requests, close #229

Kocal · Kocal · commit 7ccbb9baab1f · 2024-09-18T09:29:02.000+02:00
diff --git a/commands/local_server_start.go b/commands/local_server_start.go
@@ -52,6 +52,7 @@ import (
 
 var localWebServerProdWarningMsg = "The local web server is optimized for local development and MUST never be used in a production setup."
 var localWebServerTlsKeyLogWarningMsg = "Logging TLS master key is enabled. It means TLS connections between the client and this server will be INSECURE. This is NOT recommended unless you are debugging the connections."
+var localWebServerAllowCorsLogWarningMsg = "Cross-origin resource sharing (CORS) is enabled for every requests.\nYou may want to use https://github.com/nelmio/NelmioCorsBundle to have more control on HTTP headers."
 
 var localServerStartCmd = &console.Command{
 	Category:    "local",
@@ -81,6 +82,7 @@ var localServerStartCmd = &console.Command{
 			EnvVars: []string{"SSLKEYLOGFILE"},
 		},
 		&console.BoolFlag{Name: "no-workers", Usage: "Do not start workers"},
+		&console.BoolFlag{Name: "allow-cors", Usage: "Allow Cross-origin resource sharing (CORS) requests"},
 	},
 	Action: func(c *console.Context) error {
 		ui := terminal.SymfonyStyle(terminal.Stdout, terminal.Stdin)
@@ -186,6 +188,10 @@ var localServerStartCmd = &console.Command{
 			ui.Warning(localWebServerTlsKeyLogWarningMsg)
 		}
 
+		if config.AllowCORS {
+			ui.Warning(localWebServerAllowCorsLogWarningMsg)
+		}
+
 		lw, err := pidFile.LogWriter()
 		if err != nil {
 			return err
diff --git a/local/http/http.go b/local/http/http.go
@@ -55,6 +55,7 @@ type Server struct {
 	Appversion    string
 	UseGzip       bool
 	TlsKeyLogFile string
+	AllowCORS     bool
 
 	httpserver  *http.Server
 	httpsserver *http.Server
@@ -212,6 +213,10 @@ func (s *Server) ProxyHandler(w http.ResponseWriter, r *http.Request) {
 
 // Handler handles HTTP requests
 func (s *Server) Handler(w http.ResponseWriter, r *http.Request) {
+	if s.AllowCORS {
+		w.Header().Add("Access-Control-Allow-Origin", "*")
+	}
+
 	// static file?
 	if !strings.HasSuffix(strings.ToLower(r.URL.Path), ".php") {
 		p := r.URL.Path
diff --git a/local/project/config.go b/local/project/config.go
@@ -48,6 +48,7 @@ type Config struct {
 	UseGzip       bool   `yaml:"use_gzip"`
 	TlsKeyLogFile string `yaml:"tls_key_log_file"`
 	NoWorkers     bool   `yaml:"no_workers"`
+	AllowCORS     bool   `yaml:"allow_cors"`
 }
 
 type FileConfig struct {
@@ -116,6 +117,9 @@ func NewConfigFromContext(c *console.Context, projectDir string) (*Config, *File
 	if c.IsSet("no-workers") {
 		config.NoWorkers = c.Bool("no-workers")
 	}
+	if c.IsSet("allow-cors") {
+		config.AllowCORS = c.Bool("allow-cors")
+	}
 
 	return config, fileConfig, nil
 }
diff --git a/local/project/project.go b/local/project/project.go
@@ -62,6 +62,7 @@ func New(c *Config) (*Project, error) {
 			UseGzip:       c.UseGzip,
 			Appversion:    c.AppVersion,
 			TlsKeyLogFile: c.TlsKeyLogFile,
+			AllowCORS:     c.AllowCORS,
 		},
 	}
 	if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -48,6 +48,7 @@ type Config struct {`
`48`	`48`	UseGzip bool `yaml:"use_gzip"`
`49`	`49`	TlsKeyLogFile string `yaml:"tls_key_log_file"`
`50`	`50`	NoWorkers bool `yaml:"no_workers"`
	`51`	+ AllowCORS bool `yaml:"allow_cors"`
`51`	`52`	`}`
`52`	`53`
`53`	`54`	`type FileConfig struct {`
`@@ -116,6 +117,9 @@ func NewConfigFromContext(c console.Context, projectDir string) (Config, *File`
`116`	`117`	`if c.IsSet("no-workers") {`
`117`	`118`	`config.NoWorkers = c.Bool("no-workers")`
`118`	`119`	`}`
	`120`	`+ if c.IsSet("allow-cors") {`
	`121`	`+ config.AllowCORS = c.Bool("allow-cors")`
	`122`	`+ }`
`119`	`123`
`120`	`124`	`return config, fileConfig, nil`
`121`	`125`	`}`
Original file line number	Diff line number	Diff line change
`@@ -62,6 +62,7 @@ func New(c Config) (Project, error) {`
`62`	`62`	`UseGzip: c.UseGzip,`
`63`	`63`	`Appversion: c.AppVersion,`
`64`	`64`	`TlsKeyLogFile: c.TlsKeyLogFile,`
	`65`	`+ AllowCORS: c.AllowCORS,`
`65`	`66`	`},`
`66`	`67`	`}`
`67`	`68`	`if err != nil {`