From 1c28a8e932d1fc1ae8443be1ee1f766626402027 Mon Sep 17 00:00:00 2001
From: lrodham <lkrodham@gmail.com>
Date: Mon, 10 Apr 2017 20:03:17 +0100
Subject: [PATCH] added cors

---
 Makefile |  3 ++-
 main.go  | 22 +++++++++++++++++++++-
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 6a742ce..89ce60d 100644
--- a/Makefile
+++ b/Makefile
@@ -1,11 +1,12 @@
 BINARY=vault
 VERSION=test
 CONTAINER_PORT=-p 7007:7014
+ENV=-e VAULT_APP_URL=vault.app
 
 build:
 	docker run --rm -v ${PWD}:/go/src/app -w /go/src/app -e GOOS=linux -e GOARCH=386 sipsynergy/go-builder /bin/sh -c "godep get && godep go build"
 	docker build -t ${BINARY}:${VERSION} .
 start:
-	docker run -d ${CONTAINER_PORT} --name ${BINARY} ${BINARY}:${VERSION}
+	docker run -e ${ENV} -d ${CONTAINER_PORT} --name ${BINARY} ${BINARY}:${VERSION}
 stop:
 	docker stop ${BINARY} && docker rm ${BINARY}
diff --git a/main.go b/main.go
index 321cc3c..9091b54 100644
--- a/main.go
+++ b/main.go
@@ -9,6 +9,7 @@ import (
 	"fmt"
 	"io"
 	"log"
+	"os"
 	"strings"
 	"time"
 
@@ -28,12 +29,31 @@ type Vault struct {
 
 func main() {
 	router := gin.Default()
-
+	router.Use(CORS(os.Getenv("VAULT_APP_URL")))
 	router.POST("/", createAction)
 	router.POST("/decrypt", decryptAction)
 	router.Run(":7014")
 }
 
+// CORS handles setting up the CORS security headers.
+func CORS(allowOrigin string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		c.Writer.Header().Set("Access-Control-Allow-Origin", allowOrigin)
+		c.Writer.Header().Set("Access-Control-Max-Age", "86400")
+		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PATCH, DELETE, UPDATE")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", "Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
+		c.Writer.Header().Set("Access-Control-Expose-Headers", "Content-Length")
+		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
+
+		if c.Request.Method == "OPTIONS" {
+			fmt.Println("OPTIONS")
+			c.AbortWithStatus(200)
+		} else {
+			c.Next()
+		}
+	}
+}
+
 func show(c *gin.Context) {
 	log.Println("asdasdsa")
 }