From 4c2557126626a7bb0ae9bfb5897b5f38965489d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20=C5=A0ediv=C3=BD?= Date: Fri, 26 Jan 2024 20:16:14 +0100 Subject: [PATCH] add CORS, fixes #50. --- README.md | 3 +++ go.mod | 1 + go.sum | 2 ++ internal/config/config.go | 7 +++++++ internal/http/http.go | 18 +++++++++++++++--- 5 files changed, 28 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5712194..714f74f 100644 --- a/README.md +++ b/README.md @@ -61,6 +61,9 @@ static: /var/www/html # X-Forwarded-For headers will be used to determine the client IP proxy: true +# allow CORS requests (for web players) +cors: true + # For live streaming streams: cam: rtmp://localhost/live/cam diff --git a/go.mod b/go.mod index b87cdd4..d7fb853 100644 --- a/go.mod +++ b/go.mod @@ -5,6 +5,7 @@ go 1.17 require ( github.com/fsnotify/fsnotify v1.5.1 github.com/go-chi/chi/v5 v5.0.10 + github.com/go-chi/cors v1.2.1 github.com/mitchellh/mapstructure v1.4.2 // indirect github.com/pelletier/go-toml v1.9.4 // indirect github.com/rs/zerolog v1.25.0 diff --git a/go.sum b/go.sum index c1f42c7..7034e4c 100644 --- a/go.sum +++ b/go.sum @@ -86,6 +86,8 @@ github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-chi/chi/v5 v5.0.10 h1:rLz5avzKpjqxrYwXNfmjkrYYXOyLJd37pz53UFHC6vk= github.com/go-chi/chi/v5 v5.0.10/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= +github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4= +github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= diff --git a/internal/config/config.go b/internal/config/config.go index 49079af..532aae2 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -89,6 +89,7 @@ type Server struct { Bind string Static string Proxy bool + CORS bool BaseDir string `yaml:"basedir,omitempty"` Streams map[string]string `yaml:"streams"` @@ -126,6 +127,11 @@ func (Server) Init(cmd *cobra.Command) error { return err } + cmd.PersistentFlags().Bool("cors", false, "enable CORS") + if err := viper.BindPFlag("cors", cmd.PersistentFlags().Lookup("cors")); err != nil { + return err + } + cmd.PersistentFlags().String("basedir", "", "base directory for assets and profiles") if err := viper.BindPFlag("basedir", cmd.PersistentFlags().Lookup("basedir")); err != nil { return err @@ -145,6 +151,7 @@ func (s *Server) Set() { s.Bind = viper.GetString("bind") s.Static = viper.GetString("static") s.Proxy = viper.GetBool("proxy") + s.CORS = viper.GetBool("cors") s.BaseDir = viper.GetString("basedir") if s.BaseDir == "" { diff --git a/internal/http/http.go b/internal/http/http.go index 0e60e46..2c30de8 100644 --- a/internal/http/http.go +++ b/internal/http/http.go @@ -8,6 +8,7 @@ import ( "github.com/go-chi/chi/v5" "github.com/go-chi/chi/v5/middleware" + "github.com/go-chi/cors" "github.com/rs/zerolog" "github.com/rs/zerolog/log" @@ -26,12 +27,23 @@ func New(config *config.Server) *HttpManagerCtx { router := chi.NewRouter() router.Use(middleware.RequestID) // Create a request ID for each request - router.Use(middleware.RequestLogger(&logformatter{logger})) - router.Use(middleware.Recoverer) // Recover from panics without crashing server - if config.Proxy { router.Use(middleware.RealIP) } + router.Use(middleware.RequestLogger(&logformatter{logger})) + router.Use(middleware.Recoverer) // Recover from panics without crashing server + if config.CORS { + router.Use(cors.Handler(cors.Options{ + AllowOriginFunc: func(r *http.Request, origin string) bool { + return true + }, + AllowedMethods: []string{"GET", "OPTIONS"}, + AllowedHeaders: []string{"Accept", "Content-Type", "Content-Length", "Accept-Encoding"}, + ExposedHeaders: []string{"Link"}, + AllowCredentials: true, + MaxAge: 300, // Maximum value not ignored by any of major browsers + })) + } // serve static files if config.Static != "" {