feat: move cors headers on options/post/get (#73)

* feat: move cors headers on options/post/get * fix: add cors headers inside cork/s
ForkbombEu · Mar 8, 2024 · ae93f13 · ae93f13
1 parent 562d395
commit ae93f13
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 16 deletions.
diff --git a/src/index.ts b/src/index.ts
@@ -152,7 +152,7 @@ Dir.ready(async () => {
 		app.get('/*', (res, req) => {
 			let file = path.join(publicDirectory, req.getUrl());
 			if (fs.existsSync(file)) {
-				const contentType = mime.getType(file) || 'application/octet-stream';
+				const contentType = mime.getType(file) || 'application/json';
 				res.writeHeader('Content-Type', contentType);
 				res.end(fs.readFileSync(file));
 			} else {
@@ -236,6 +236,7 @@ const generateRoutes = (app: TemplatedApp) => {
 							LOG.fatal(e);
 							res
 								.writeStatus('422 UNPROCESSABLE ENTITY')
+								.writeHeader('Access-Control-Allow-Origin', '*')
 								.writeHeader('Content-Type', 'application/json')
 								.end((e as Error).message);
 						}
@@ -249,8 +250,10 @@ const generateRoutes = (app: TemplatedApp) => {
 					if (!res.aborted) {
 						LOG.fatal(JSON.parse((e as Error).message));
 						res.cork(() => {
+							// setCorsHeaders(res);
 							res
 								.writeStatus('422 UNPROCESSABLE ENTITY')
+								.writeHeader('Access-Control-Allow-Origin', '*')
 								.writeHeader('Content-Type', 'application/json')
 								.end((e as Error).message);
 						});
@@ -267,7 +270,9 @@ const generateRoutes = (app: TemplatedApp) => {
 					if (!res.aborted) {
 						res.cork(() => {
 							const report = reportZenroomError(e as Error, LOG, endpoints);
-							res.writeStatus(metadata.errorCode).end(report);
+							res.writeStatus(metadata.errorCode)
+								.writeHeader('Access-Control-Allow-Origin', '*')
+								.end(report);
 						});
 						return;
 					}
@@ -276,8 +281,8 @@ const generateRoutes = (app: TemplatedApp) => {
 				res.cork(() => {
 					res
 						.writeStatus(metadata.successCode)
-						.writeHeader('Content-Type', metadata.successContentType)
 						.writeHeader('Access-Control-Allow-Origin', '*')
+						.writeHeader('Content-Type', metadata.successContentType)
 						.end(slangroomResult);
 					return;
 				});
@@ -286,19 +291,21 @@ const generateRoutes = (app: TemplatedApp) => {
 				res.cork(() =>
 					res
 						.writeStatus(metadata.errorCode)
+						.writeHeader('Access-Control-Allow-Origin', '*')
 						.end((e as Error).message)
 				);
 				return;
 			}
 		};
 		app.options(path, (res) => {
-			res.cork(() => {
-				res.onAborted(() => {
-					res.writeStatus('500').end('Aborted');
-				});
-
-				res.writeHeader('Access-Control-Allow-Origin', '*').writeStatus('200 OK').end();
+			res.onAborted(() => {
+				res.writeStatus('500')
+					.writeHeader('Access-Control-Allow-Origin', '*')
+					.end('Aborted');
 			});
+			res
+				.writeHeader('Access-Control-Allow-Origin', '*')
+				.end();
 		});
 
 		if (!metadata.disablePost) {
@@ -308,7 +315,10 @@ const generateRoutes = (app: TemplatedApp) => {
 				 * so it's important to attach the `onAborted` handler before everything else
 				 */
 				res.onAborted(() => {
-					res.writeStatus(metadata.errorCode ? metadata.errorCode : '500').end('Aborted');
+					res
+
+						.writeHeader('Access-Control-Allow-Origin', '*')
+						.writeStatus(metadata.errorCode ? metadata.errorCode : '500').end('Aborted');
 				});
 
 				let buffer: Buffer;
@@ -320,7 +330,10 @@ const generateRoutes = (app: TemplatedApp) => {
 							data = JSON.parse(buffer ? Buffer.concat([buffer, chunk]) : chunk);
 						} catch (e) {
 							L.error(e);
-							res.writeStatus(metadata.errorCode).end((e as Error).message);
+							res.writeStatus(metadata.errorCode)
+
+								.writeHeader('Access-Control-Allow-Origin', '*')
+								.end((e as Error).message);
 							return;
 						}
 						execZencodeAndReply(res, req, data);
@@ -342,7 +355,9 @@ const generateRoutes = (app: TemplatedApp) => {
 				 * so it's important to attach the `onAborted` handler before everything else
 				 */
 				res.onAborted(() => {
-					res.writeStatus(metadata.errorCode).end('Aborted');
+					res
+						.writeHeader('Access-Control-Allow-Origin', '*')
+						.writeStatus(metadata.errorCode).end('Aborted');
 				});
 
 				try {
@@ -357,14 +372,18 @@ const generateRoutes = (app: TemplatedApp) => {
 					execZencodeAndReply(res, req, data);
 				} catch (e) {
 					LOG.fatal(e);
-					res.writeStatus(metadata.errorCode).end((e as Error).message);
+					res
+						.writeHeader('Access-Control-Allow-Origin', '*')
+						.writeStatus(metadata.errorCode).end((e as Error).message);
 					return;
 				}
 			});
 		}
 
 		app.get(path + '/raw', (res, req) => {
-			res.writeStatus('200 OK').writeHeader('Content-Type', 'text/plain').end(contract);
+			res.writeStatus('200 OK')
+				.writeHeader('Access-Control-Allow-Origin', '*')
+				.writeHeader('Content-Type', 'text/plain').end(contract);
 		});
 
 		app.get(path + '/app', async (res, req) => {
@@ -376,7 +395,8 @@ const generateRoutes = (app: TemplatedApp) => {
 				endpoint: `http://${config.hostname}:${config.port}${path}`
 			});
 
-			res.writeStatus('200 OK').writeHeader('Content-Type', 'text/html').end(result);
+			res
+				.writeStatus('200 OK').writeHeader('Content-Type', 'text/html').end(result);
 		});
 
 		L.info(`📜 ${path}`);

diff --git a/src/slangroom.ts b/src/slangroom.ts
@@ -14,7 +14,6 @@ import { shell } from '@slangroom/shell';
 import { timestamp } from '@slangroom/timestamp';
 import { wallet } from '@slangroom/wallet';
 import { zencode } from '@slangroom/zencode';
-//
 
 const SLANGROOM_PLUGINS = [fs, git, helpers, http, JSONSchema, oauth, pocketbase, qrcode, redis, shell, timestamp, wallet, zencode];