aboutsummaryrefslogtreecommitdiffstats
path: root/rpc/http.go
diff options
context:
space:
mode:
authorTaylor Gerring <taylor.gerring@gmail.com>2015-03-30 03:56:04 +0800
committerTaylor Gerring <taylor.gerring@gmail.com>2015-03-30 03:56:04 +0800
commitb6fde73ef130e80eb834a60e766ce288de800bef (patch)
tree2552c164ec1e115ad819c79808dfc252f1629547 /rpc/http.go
parent04a7c4ae1e7fe9683854fd759cad0e5e04a2f2c0 (diff)
downloadgo-tangerine-b6fde73ef130e80eb834a60e766ce288de800bef.tar
go-tangerine-b6fde73ef130e80eb834a60e766ce288de800bef.tar.gz
go-tangerine-b6fde73ef130e80eb834a60e766ce288de800bef.tar.bz2
go-tangerine-b6fde73ef130e80eb834a60e766ce288de800bef.tar.lz
go-tangerine-b6fde73ef130e80eb834a60e766ce288de800bef.tar.xz
go-tangerine-b6fde73ef130e80eb834a60e766ce288de800bef.tar.zst
go-tangerine-b6fde73ef130e80eb834a60e766ce288de800bef.zip
Add settable domain to CORS handler #331
Diffstat (limited to 'rpc/http.go')
-rw-r--r--rpc/http.go20
1 files changed, 17 insertions, 3 deletions
diff --git a/rpc/http.go b/rpc/http.go
index d146f28a6..f15d557ad 100644
--- a/rpc/http.go
+++ b/rpc/http.go
@@ -10,6 +10,7 @@ import (
"github.com/ethereum/go-ethereum/logger"
"github.com/ethereum/go-ethereum/xeth"
+ "github.com/rs/cors"
)
var rpclogger = logger.NewLogger("RPC")
@@ -25,7 +26,21 @@ func Start(pipe *xeth.XEth, config RpcConfig) error {
rpclogger.Errorf("Can't listen on %s:%d: %v", config.ListenAddress, config.ListenPort, err)
return err
}
- go http.Serve(l, JSONRPC(pipe))
+
+ var handler http.Handler
+ if len(config.CorsDomain) > 0 {
+ var opts cors.Options
+ opts.AllowedMethods = []string{"POST"}
+ opts.AllowedOrigins = []string{config.CorsDomain}
+
+ c := cors.New(opts)
+ handler = c.Handler(JSONRPC(pipe))
+ } else {
+ handler = JSONRPC(pipe)
+ }
+
+ go http.Serve(l, handler)
+
return nil
}
@@ -34,8 +49,7 @@ func JSONRPC(pipe *xeth.XEth) http.Handler {
api := NewEthereumApi(pipe)
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
- // TODO this needs to be configurable
- w.Header().Set("Access-Control-Allow-Origin", "*")
+ w.Header().Set("Content-Type", "application/json")
// Limit request size to resist DoS
if req.ContentLength > maxSizeReqLength {