From 9b52d7f78bd8f6897f81d79514997f3e4ec95abc Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Thu, 27 Aug 2020 00:39:14 +0100 Subject: [PATCH] cors --- src/bin/server.rs | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/src/bin/server.rs b/src/bin/server.rs index 46a19f89..39c94cf9 100644 --- a/src/bin/server.rs +++ b/src/bin/server.rs @@ -48,16 +48,16 @@ fn loading(ptoken : InstanceAccess) -> Template { #[get("/_/updates//")] #[throws(OE)] -fn updates(ctoken : InstanceAccess, gen: u64) - -> impl response::Responder<'static> { +fn updates<'r>(ctoken : InstanceAccess, gen: u64, + cors: rocket_cors::Guard<'r>) + -> impl response::Responder<'r> { let gen = Generation(gen); let iad = ctoken.i; let content = sse::content(iad, gen)?; let content = response::Stream::chunked(content, 4096); const CTYPE : &str = "text/event-stream; charset=utf-8"; let ctype = ContentType::parse_flexible(CTYPE).unwrap(); - // xxx set CORS allowed header - response::content::Content(ctype,content) + cors.responder(response::content::Content(ctype,content)) } #[get("/_/")] @@ -102,17 +102,29 @@ fn main() { } cbuilder.extras.insert("template_dir".to_owned(), c.template_dir.clone().into()); + + let cors_state = { + use rocket_cors::*; + let opts = CorsOptions::default() + .allowed_origins(AllowedOrigins::all()) + .allowed_methods(iter::once(rocket::http::Method::Get.into()).collect()); + opts.validate().expect("cors options"); + opts.to_cors().expect("cors") + }; + let rconfig = cbuilder.finalize()?; let r = rocket::custom(rconfig) .attach(helmet) .attach(Template::fairing()) + .manage(cors_state) .mount("/", routes![ index, loading, resource, updates, ]); + let r = game::session::mount(r); let r = game::api::mount(r); r.launch(); -- 2.30.2