Merge pull request #4 from hpcloud/cors-middleware

This LGTM
cloudfoundry · Apr 29, 2016 · 0e79ac2 · 0e79ac2
2 parents 7c38b29 + dc7c1fc
commit 0e79ac2
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 0 deletions.
diff --git a/main.go b/main.go
@@ -66,6 +66,11 @@ func start(p *portalProxy) {
 	e.Use(sessionCleanupMiddleware)
 	e.Use(middleware.Logger())
 	e.Use(middleware.Recover())
+	e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
+		AllowOrigins:     p.Config.AllowedOrigins,
+		AllowMethods:     []string{echo.GET, echo.PUT, echo.POST, echo.DELETE},
+		AllowCredentials: true,
+	}))
 	e.Use(errorLoggingMiddleware)
 
 	p.initCookieStore()

diff --git a/portal-config.toml.example b/portal-config.toml.example
@@ -6,6 +6,7 @@ tls_cert_key          = "certs/pproxy.key"
 uaa_client            = "portal_proxy"
 uaa_client_secret     = "portalproxysecret"
 uaa_endpoint          = "https://api.cnapdomain.com/oauth/token"
+allowed_origins       = [ "https://localhost" ]
 cookie_store_secret   = "cookiesecret"
 dev                   = true
 

diff --git a/portal_config.go b/portal_config.go
@@ -11,6 +11,7 @@ type portalConfig struct {
 	UAAClient           string        `toml:"uaa_client"`
 	UAAClientSecret     string        `toml:"uaa_client_secret"`
 	UAAEndpoint         string        `toml:"uaa_endpoint"`
+	AllowedOrigins      []string      `toml:"allowed_origins"`
 	CookieStoreSecret   string        `toml:"cookie_store_secret"`
 	Dev                 bool          `toml:"dev"`
 	DevConfig           devConfig     `toml:"dev_config"`