swarm/api/http: add support for CORS headers (#3388)

2017-01-05 11:57:41 +01:00
parent bbce726c8a
commit f087633efd
3 changed files with 49 additions and 15 deletions
--- a/swarm/api/http/server.go
+++ b/swarm/api/http/server.go
@ -24,6 +24,7 @@ import (
 	"io"
 	"net/http"
 	"regexp"
+	"strings"
 	"sync"
 	"time"

@ -31,6 +32,7 @@ import (
 	"github.com/ethereum/go-ethereum/logger"
 	"github.com/ethereum/go-ethereum/logger/glog"
 	"github.com/ethereum/go-ethereum/swarm/api"
+	"github.com/rs/cors"
 )

 const (
@ -53,19 +55,37 @@ type sequentialReader struct {
 	lock   sync.Mutex
 }

+// Server is the basic configuration needs for the HTTP server and also
+// includes CORS settings.
+type Server struct {
+	Addr       string
+	CorsString string
+}
+
 // browser API for registering bzz url scheme handlers:
 // https://developer.mozilla.org/en/docs/Web-based_protocol_handlers
 // electron (chromium) api for registering bzz url scheme handlers:
 // https://github.com/atom/electron/blob/master/docs/api/protocol.md

 // starts up http server
-func StartHttpServer(api *api.Api, port string) {
+func StartHttpServer(api *api.Api, server *Server) {
 	serveMux := http.NewServeMux()
 	serveMux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		handler(w, r, api)
 	})
-	go http.ListenAndServe(":"+port, serveMux)
-	glog.V(logger.Info).Infof("Swarm HTTP proxy started on localhost:%s", port)
+	var allowedOrigins []string
+	for _, domain := range strings.Split(server.CorsString, ",") {
+		allowedOrigins = append(allowedOrigins, strings.TrimSpace(domain))
+	}
+	c := cors.New(cors.Options{
+		AllowedOrigins: allowedOrigins,
+		AllowedMethods: []string{"POST", "GET", "DELETE", "PATCH", "PUT"},
+		MaxAge:         600,
+	})
+	hdlr := c.Handler(serveMux)
+
+	go http.ListenAndServe(server.Addr, hdlr)
+	glog.V(logger.Info).Infof("Swarm HTTP proxy started on localhost:%s", server.Addr)
 }

 func handler(w http.ResponseWriter, r *http.Request, a *api.Api) {
--- a/swarm/swarm.go
+++ b/swarm/swarm.go
@ -52,6 +52,7 @@ type Swarm struct {
 	hive        *network.Hive          // the logistic manager
 	backend     chequebook.Backend     // simple blockchain Backend
 	privateKey  *ecdsa.PrivateKey
+	corsString  string
 	swapEnabled bool
 }

@ -71,7 +72,7 @@ func (self *Swarm) API() *SwarmAPI {

 // creates a new swarm service instance
 // implements node.Service
-func NewSwarm(ctx *node.ServiceContext, backend chequebook.Backend, config *api.Config, swapEnabled, syncEnabled bool) (self *Swarm, err error) {
+func NewSwarm(ctx *node.ServiceContext, backend chequebook.Backend, config *api.Config, swapEnabled, syncEnabled bool, cors string) (self *Swarm, err error) {
 	if bytes.Equal(common.FromHex(config.PublicKey), storage.ZeroKey) {
 		return nil, fmt.Errorf("empty public key")
 	}
@ -84,6 +85,7 @@ func NewSwarm(ctx *node.ServiceContext, backend chequebook.Backend, config *api.
 		swapEnabled: swapEnabled,
 		backend:     backend,
 		privateKey:  config.Swap.PrivateKey(),
+		corsString:  cors,
 	}
 	glog.V(logger.Debug).Infof("Setting up Swarm service components")

@ -188,10 +190,16 @@ func (self *Swarm) Start(net *p2p.Server) error {

 	// start swarm http proxy server
 	if self.config.Port != "" {
-		go httpapi.StartHttpServer(self.api, self.config.Port)
+		addr := ":" + self.config.Port
+		go httpapi.StartHttpServer(self.api, &httpapi.Server{Addr: addr, CorsString: self.corsString})
 	}
+
 	glog.V(logger.Debug).Infof("Swarm http proxy started on port: %v", self.config.Port)

+	if self.corsString != "" {
+		glog.V(logger.Debug).Infof("Swarm http proxy started with corsdomain:", self.corsString)
+	}
+
 	return nil
 }