Add nopath for vue things

2020-07-25 02:23:04 -06:00 · 2020-07-25 02:23:04 -06:00 · ec1e0cdf2e
parent 61811e8e61
commit ec1e0cdf2e
3 changed files with 37 additions and 1 deletions
--- a/config/config.go
+++ b/config/config.go
@ -1,6 +1,7 @@
 package config

 import (
+	"encoding/json"
 	"fmt"
 	"log"
 	"strings"
@ -78,3 +79,23 @@ func GetTimeout() time.Duration {
 	timeout := conf.Get("timeout").GetDuration()
 	return timeout
 }
+
+func GetCORS(key string) bool {
+	cors := conf.GetString("cors")
+	var m map[string]bool
+	if err := json.Unmarshal([]byte(cors), &m); err != nil {
+		return false
+	}
+	_, ok := m[key]
+	return ok
+}
+
+func GetNoPath(key string) bool {
+	nopath := conf.GetString("nopath")
+	var m map[string]bool
+	if err := json.Unmarshal([]byte(nopath), &m); err != nil {
+		return false
+	}
+	_, ok := m[key]
+	return ok
+}
--- a/config/new.go
+++ b/config/new.go
@ -48,6 +48,8 @@ func parseArgs() (*args.ArgSet, error) {
 	as.Append(args.DURATION, "timeout", "timeout for tunnel", time.Minute)
 	as.Append(args.STRING, "proxy", "double-comma separated (+ if oauth)from,scheme://to.tld:port,oauth,,", "")
 	as.Append(args.STRING, "oauth", "url for boauthz", "")
+	as.Append(args.STRING, "cors", "json dict key:true for keys to set CORS permissive headers, like {\"from\":true}", "{}")
+	as.Append(args.STRING, "nopath", "json dict key:true for keys to remove all path info from forwarded request, like -cors", "{}")

 	err := as.Parse()
 	return as, err
--- a/server/server.go
+++ b/server/server.go
@ -100,6 +100,17 @@ func (s *Server) Run() error {

 func (s *Server) doAuth(foo http.HandlerFunc) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
+		key := mapKey(r.Host)
+		if config.GetCORS(key) {
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+			w.Header().Set("Access-Control-Allow-Headers", "X-Auth-Token, content-type, Content-Type")
+			if r.Method == "OPTIONS" {
+				w.Header().Set("Content-Length", "0")
+				w.Header().Set("Content-Type", "text/plain")
+				w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS, TRACE, PATCH, HEAD")
+				return
+			}
+		}
 		rusr, rpwd, ok := config.GetAuth()
 		if ok {
 			usr, pwd, ok := r.BasicAuth()
@ -109,7 +120,6 @@ func (s *Server) doAuth(foo http.HandlerFunc) http.HandlerFunc {
 				return
 			}
 		}
-		key := mapKey(r.Host)
 		ok, err := s.lookupBOAuthZ(key)
 		if err != nil {
 			w.WriteHeader(http.StatusInternalServerError)
@ -121,6 +131,9 @@ func (s *Server) doAuth(foo http.HandlerFunc) http.HandlerFunc {
 				return
 			}
 		}
+		if config.GetNoPath(key) {
+			r.URL.Path = "/"
+		}
 		foo(w, r)
 	}
 }