diff options
author | Taylor Gerring <taylor.gerring@gmail.com> | 2015-03-30 03:56:04 +0800 |
---|---|---|
committer | Taylor Gerring <taylor.gerring@gmail.com> | 2015-03-30 03:56:04 +0800 |
commit | b6fde73ef130e80eb834a60e766ce288de800bef (patch) | |
tree | 2552c164ec1e115ad819c79808dfc252f1629547 | |
parent | 04a7c4ae1e7fe9683854fd759cad0e5e04a2f2c0 (diff) | |
download | dexon-b6fde73ef130e80eb834a60e766ce288de800bef.tar.gz dexon-b6fde73ef130e80eb834a60e766ce288de800bef.tar.zst dexon-b6fde73ef130e80eb834a60e766ce288de800bef.zip |
Add settable domain to CORS handler #331
-rw-r--r-- | rpc/http.go | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/rpc/http.go b/rpc/http.go index d146f28a6..f15d557ad 100644 --- a/rpc/http.go +++ b/rpc/http.go @@ -10,6 +10,7 @@ import ( "github.com/ethereum/go-ethereum/logger" "github.com/ethereum/go-ethereum/xeth" + "github.com/rs/cors" ) var rpclogger = logger.NewLogger("RPC") @@ -25,7 +26,21 @@ func Start(pipe *xeth.XEth, config RpcConfig) error { rpclogger.Errorf("Can't listen on %s:%d: %v", config.ListenAddress, config.ListenPort, err) return err } - go http.Serve(l, JSONRPC(pipe)) + + var handler http.Handler + if len(config.CorsDomain) > 0 { + var opts cors.Options + opts.AllowedMethods = []string{"POST"} + opts.AllowedOrigins = []string{config.CorsDomain} + + c := cors.New(opts) + handler = c.Handler(JSONRPC(pipe)) + } else { + handler = JSONRPC(pipe) + } + + go http.Serve(l, handler) + return nil } @@ -34,8 +49,7 @@ func JSONRPC(pipe *xeth.XEth) http.Handler { api := NewEthereumApi(pipe) return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { - // TODO this needs to be configurable - w.Header().Set("Access-Control-Allow-Origin", "*") + w.Header().Set("Content-Type", "application/json") // Limit request size to resist DoS if req.ContentLength > maxSizeReqLength { |