boltless.me / zoekt
fork of https://github.com/sourcegraph/zoekt
0
Fork 0

Configure Feed

Select the types of activity you want to include in your feed.

Add cors_origin flag to zoekt-webserver to enable CORS headers (#993)

author
Łukasz Kurowski committer
GitHub date (Nov 20, 2025, 10:21 AM +0200) commit 2e375df0 parent 4aca321b
+29
+29
cmd/zoekt-webserver/main.go
··· 145 145 146 146 templateDir := flag.String("template_dir", "", "set directory from which to load custom .html.tpl template files") 147 147 dumpTemplates := flag.Bool("dump_templates", false, "dump templates into --template_dir and exit.") 148 + corsOrigin := flag.String("cors_origin", "", "allow requests from this origin. If empty, no CORS headers are set.") 148 149 version := flag.Bool("version", false, "Print version number") 149 150 150 151 flag.Parse() ··· 291 292 grpcServer := newGRPCServer(logger, streamer) 292 293 293 294 handler = grpcutil.MultiplexGRPC(grpcServer, handler) 295 + handler = corsHandler(handler, *corsOrigin) 294 296 295 297 srv := &http.Server{ 296 298 Addr: *listen, ··· 600 602 webserverv1.RegisterWebserverServiceServer(s, grpcserver.NewServer(streamer)) 601 603 602 604 return s 605 + } 606 + 607 + func corsHandler(h http.Handler, origin string) http.Handler { 608 + if origin == "" { 609 + return h 610 + } 611 + 612 + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 613 + if r.Header.Get("Origin") == "" { 614 + h.ServeHTTP(w, r) 615 + return 616 + } 617 + 618 + w.Header().Set("Access-Control-Allow-Origin", origin) 619 + w.Header().Set("Access-Control-Max-Age", "86400") 620 + w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS") 621 + w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization") 622 + w.Header().Add("Vary", "Origin") 623 + 624 + if r.Method == "OPTIONS" { 625 + w.Header().Set("Access-Control-Max-Age", "86400") 626 + w.WriteHeader(http.StatusOK) 627 + return 628 + } 629 + 630 + h.ServeHTTP(w, r) 631 + }) 603 632 } 604 633 605 634 var (