From de853715e1454aba5e5300ffcc1d5b2bd8dc267d Mon Sep 17 00:00:00 2001
From: "Schanzenbach, Martin" <mschanzenbach@posteo.de>
Date: Mon, 15 Jul 2019 09:57:20 +0200
Subject: [PATCH] re-enable support for CORS config

---
 src/rest/gnunet-rest-server.c | 51 ++++++++++++++++++++++++++++-------
 src/rest/rest.conf            |  1 +
 2 files changed, 42 insertions(+), 10 deletions(-)

diff --git a/src/rest/gnunet-rest-server.c b/src/rest/gnunet-rest-server.c
index 26ac3feab..6b89d19fe 100644
--- a/src/rest/gnunet-rest-server.c
+++ b/src/rest/gnunet-rest-server.c
@@ -124,6 +124,11 @@ static struct GNUNET_CONTAINER_MultiHashMap *plugin_map;
  */
 static int echo_origin;
 
+/**
+ * Allowed Origins (CORS)
+ */
+static char *allow_origins;
+
 /**
  * Allowed Headers (CORS)
  */
@@ -439,17 +444,17 @@ create_response (void *cls,
     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                 "Queueing response from plugin with MHD\n");
     //Handle Preflights for extensions
-    if (GNUNET_YES == echo_origin)
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Checking origin\n");
+    GNUNET_CRYPTO_hash ("origin", strlen ("origin"), &key);
+    origin = GNUNET_CONTAINER_multihashmap_get (con_handle->data_handle
+                                                  ->header_param_map,
+                                                &key);
+    if (NULL != origin)
     {
-      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Checking origin\n");
-      GNUNET_CRYPTO_hash ("origin", strlen ("origin"), &key);
-      origin = GNUNET_CONTAINER_multihashmap_get (con_handle->data_handle
-                                                    ->header_param_map,
-                                                  &key);
-      if (NULL != origin)
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Origin: %s\n", origin);
+      //Only echo for browser plugins
+      if (GNUNET_YES == echo_origin)
       {
-        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Origin: %s\n", origin);
-        //Only echo for browser plugins
         if ((0 == strncmp ("moz-extension://",
                            origin,
                            strlen ("moz-extension://"))) ||
@@ -462,6 +467,23 @@ create_response (void *cls,
                                    origin);
         }
       }
+      if (NULL != allow_origins)
+      {
+        char *tmp = GNUNET_strdup (allow_origins);
+        char *allow_origin = strtok (tmp, ",");
+        while (NULL != allow_origin)
+        {
+          if (0 == strncmp (allow_origin, origin, strlen (allow_origin)))
+          {
+            MHD_add_response_header (con_handle->response,
+                                     MHD_HTTP_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN,
+                                     allow_origin);
+            break;
+          }
+          allow_origin = strtok (NULL, ",");
+        }
+        GNUNET_free (tmp);
+      }
     }
     if (NULL != allow_credentials)
     {
@@ -878,6 +900,15 @@ run (void *cls,
     GNUNET_CONFIGURATION_get_value_yesno (cfg,
                                           "rest",
                                           "REST_ECHO_ORIGIN_WEBEXT");
+  allow_origins = NULL;
+  if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (cfg,
+                                                          "rest",
+                                                          "REST_ALLOW_ORIGIN",
+                                                          &allow_origins))
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                "No CORS Access-Control-Allow-Origin header will be sent...\n");
+  }
   if (GNUNET_OK !=
       GNUNET_CONFIGURATION_get_value_string (cfg,
                                              "rest",
@@ -886,7 +917,7 @@ run (void *cls,
   {
     //No origin specified
     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-                "No CORS Access-Control-Allow-Origin Header will be sent...\n");
+                "No CORS Credential Header will be sent...\n");
   }
 
   if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (cfg,
diff --git a/src/rest/rest.conf b/src/rest/rest.conf
index 08f4d2bc3..2b690b5b3 100644
--- a/src/rest/rest.conf
+++ b/src/rest/rest.conf
@@ -7,4 +7,5 @@ BIND_TO=127.0.0.1
 BIND_TO6=::1
 REST_ALLOW_HEADERS=Authorization,Accept,Content-Type
 REST_ECHO_ORIGIN_WEBEXT=YES
+REST_ALLOW_ORIGIN=http://localhost:4200
 REST_ALLOW_CREDENTIALS=true
-- 
2.25.1