feat: add allow-origin header

Users can now restrict who can request the blip data via HTTP.
TGRHavoc · May 17, 2019 · b1bb783 · b1bb783
1 parent 5a99b20
commit b1bb783
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/server/blips_server.lua b/server/blips_server.lua
@@ -37,6 +37,9 @@ function cacheIsEmpty()
 end
 
 function sendBlips(res)
+    -- Restrict the origin if set, otherwise allow everyone
+    res.writeHead(200, { ["Access-Control-Allow-Origin"] = GetConvar("livemap_access_control", "*")} )
+
     if not cacheIsEmpty() then
         res.send(json.encode(cache))
         return
@@ -85,7 +88,7 @@ RegisterCommand("blips", function(source, args, rawCommand)
         playerWhoGeneratedBlips = playerId
 
         TriggerClientEvent("livemap:getBlipsFromClient", source)
-        
+
         return
     end