diff options
Diffstat (limited to 'bskyweb/cmd')
| -rw-r--r-- | bskyweb/cmd/bskyweb/main.go | 7 | ||||
| -rw-r--r-- | bskyweb/cmd/bskyweb/server.go | 7 |
2 files changed, 14 insertions, 0 deletions
diff --git a/bskyweb/cmd/bskyweb/main.go b/bskyweb/cmd/bskyweb/main.go index 3f46c4b00..985879f4a 100644 --- a/bskyweb/cmd/bskyweb/main.go +++ b/bskyweb/cmd/bskyweb/main.go @@ -80,6 +80,13 @@ func run(args []string) { Value: "", EnvVars: []string{"BASIC_AUTH_PASSWORD"}, }, + &cli.StringSliceFlag{ + Name: "cors-allowed-origins", + Usage: "list of allowed origins for CORS requests", + Required: false, + Value: cli.NewStringSlice("https://bsky.app", "https://main.bsky.dev", "https://app.staging.bsky.dev"), + EnvVars: []string{"CORS_ALLOWED_ORIGINS"}, + }, }, }, } diff --git a/bskyweb/cmd/bskyweb/server.go b/bskyweb/cmd/bskyweb/server.go index afd9247ac..2d75a2b72 100644 --- a/bskyweb/cmd/bskyweb/server.go +++ b/bskyweb/cmd/bskyweb/server.go @@ -57,6 +57,7 @@ func serve(cctx *cli.Context) error { linkHost := cctx.String("link-host") ipccHost := cctx.String("ipcc-host") basicAuthPassword := cctx.String("basic-auth-password") + corsOrigins := cctx.StringSlice("cors-allowed-origins") // Echo e := echo.New() @@ -168,6 +169,12 @@ func serve(cctx *cli.Context) error { RedirectCode: http.StatusFound, })) + // CORS middleware + e.Use(middleware.CORSWithConfig(middleware.CORSConfig{ + AllowOrigins: corsOrigins, + AllowMethods: []string{http.MethodGet, http.MethodHead, http.MethodOptions}, + })) + // // configure routes // |