[#114] Add CORS support

serokell · Aug 20, 2022 · 8ec224d · 8ec224d
1 parent 6066324
commit 8ec224d
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 1 deletion.
diff --git a/coffer.cabal b/coffer.cabal
@@ -128,6 +128,7 @@ library
     , tomland
     , unordered-containers
     , validation-selective
+    , wai-cors
     , warp
   default-language: Haskell2010
 

diff --git a/lib/Web/Main.hs b/lib/Web/Main.hs
@@ -12,7 +12,10 @@ import Data.Maybe (fromMaybe)
 import Data.Proxy
 import Data.Text qualified as T
 import Data.Text.IO qualified as TIO
+import Network.HTTP.Types (hContentType)
 import Network.Wai.Handler.Warp (run)
+import Network.Wai.Middleware.Cors
+  (CorsResourcePolicy(..), cors, simpleCorsResourcePolicy, simpleMethods)
 import Servant.Server (serve)
 import System.Environment (lookupEnv)
 import System.Exit (exitFailure)
@@ -41,6 +44,19 @@ runServer = do
   configPath <- getConfigPath
   -- TODO: try sending config via api.
   config <- readConfig configPath
-  run 8081 do
+  run 8081 $ corsMiddleware do
     serve (Proxy :: Proxy API) do
       makeServer \_token -> reportErrors . runBackendIO' . runCommand config
+  where
+    -- Allow cross-origin requests from Swagger Editor/UI.
+    corsMiddleware = cors $ const $ Just simpleCorsResourcePolicy
+      { corsRequestHeaders = [hContentType, "token"]
+      , corsMethods = "DELETE" : "PUT" : simpleMethods
+      , corsOrigins = Just
+        ( [ "https://petstore.swagger.io"
+          , "https://editor.swagger.io"
+          , "https://editor-next.swagger.io"
+          ]
+        , False
+        )
+      }
diff --git a/package.yaml b/package.yaml
@@ -117,6 +117,7 @@ library:
     - tomland
     - unordered-containers
     - validation-selective
+    - wai-cors
     - warp
 
 executables: