Add ability to configure CORS header (#1345)

## Issue Addressed #1177 ## Proposed Changes Add a command line option (`--http-allow-origin`) and a config item for configuring the `Access-Control-Allow-Origin` response header. This should unblock making XMLHttpRequests.
sigp · Jul 16, 2020 · fc5e6cb · fc5e6cb
1 parent 4a01f44
commit fc5e6cb
Show file tree

Hide file tree

Showing 9 changed files with 221 additions and 163 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/beacon_node/Cargo.toml b/beacon_node/Cargo.toml
@@ -39,3 +39,4 @@ eth2_libp2p = { path = "./eth2_libp2p" }
 eth2_ssz = "0.1.2"
 serde = "1.0.110"
 clap_utils = { path = "../common/clap_utils" }
+hyper = "0.13.5"
diff --git a/beacon_node/rest_api/src/config.rs b/beacon_node/rest_api/src/config.rs
@@ -38,6 +38,9 @@ pub struct Config {
     pub listen_address: Ipv4Addr,
     /// The port the REST API HTTP server will listen on.
     pub port: u16,
+    /// If something else than "", a 'Access-Control-Allow-Origin' header will be present in
+    /// responses.  Put *, to allow any origin.
+    pub allow_origin: String,
 }
 
 impl Default for Config {
@@ -46,6 +49,7 @@ impl Default for Config {
             enabled: false,
             listen_address: Ipv4Addr::new(127, 0, 0, 1),
             port: 5052,
+            allow_origin: "".to_string(),
         }
     }
 }
diff --git a/beacon_node/rest_api/src/error.rs b/beacon_node/rest_api/src/error.rs
@@ -11,6 +11,7 @@ pub enum ApiError {
     UnsupportedType(String),
     ImATeapot(String),       // Just in case.
     ProcessingError(String), // A 202 error, for when a block/attestation cannot be processed, but still transmitted.
+    InvalidHeaderValue(String),
 }
 
 pub type ApiResult = Result<Response<Body>, ApiError>;
@@ -26,6 +27,7 @@ impl ApiError {
             ApiError::UnsupportedType(desc) => (StatusCode::UNSUPPORTED_MEDIA_TYPE, desc),
             ApiError::ImATeapot(desc) => (StatusCode::IM_A_TEAPOT, desc),
             ApiError::ProcessingError(desc) => (StatusCode::ACCEPTED, desc),
+            ApiError::InvalidHeaderValue(desc) => (StatusCode::INTERNAL_SERVER_ERROR, desc),
         }
     }
 }
@@ -77,6 +79,12 @@ impl From<std::io::Error> for ApiError {
     }
 }
 
+impl From<hyper::header::InvalidHeaderValue> for ApiError {
+    fn from(e: hyper::header::InvalidHeaderValue) -> ApiError {
+        ApiError::InvalidHeaderValue(format!("Invalid CORS header value: {:?}", e))
+    }
+}
+
 impl StdError for ApiError {
     fn cause(&self) -> Option<&dyn StdError> {
         None

diff --git a/beacon_node/rest_api/src/lib.rs b/beacon_node/rest_api/src/lib.rs
@@ -64,12 +64,14 @@ pub fn start_server<T: BeaconChainTypes>(
 ) -> Result<SocketAddr, hyper::Error> {
     let log = executor.log();
     let inner_log = log.clone();
+    let rest_api_config = Arc::new(config.clone());
     let eth2_config = Arc::new(eth2_config);
 
     // Define the function that will build the request handler.
     let make_service = make_service_fn(move |_socket: &AddrStream| {
         let beacon_chain = beacon_chain.clone();
         let log = inner_log.clone();
+        let rest_api_config = rest_api_config.clone();
         let eth2_config = eth2_config.clone();
         let network_globals = network_info.network_globals.clone();
         let network_channel = network_info.network_chan.clone();
@@ -84,6 +86,7 @@ pub fn start_server<T: BeaconChainTypes>(
                     beacon_chain.clone(),
                     network_globals.clone(),
                     network_channel.clone(),
+                    rest_api_config.clone(),
                     eth2_config.clone(),
                     log.clone(),
                     db_path.clone(),