diff --git a/config.namespaced-example.edn b/config.namespaced-example.edn index 06ebb45..639d22d 100644 --- a/config.namespaced-example.edn +++ b/config.namespaced-example.edn @@ -23,6 +23,10 @@ :triangulum.handler/private-response-keys #{} :triangulum.handler/upload-max-size-mb 100 :triangulum.handler/upload-max-file-count 10 + :triangulum.handler/cors-headers {"Access-Control-Allow-Origin" "https://example.com" + "Access-Control-Allow-Methods" "GET, POST, PUT, DELETE" + "Access-Control-Allow-Headers" "Content-Type, Authorization" + "Access-Control-Allow-Credentials" "true"} ;; workers (server) :triangulum.worker/workers [{:triangulum.worker/name "scheduler" diff --git a/config.nested-example.edn b/config.nested-example.edn index d824b87..edc2bf4 100644 --- a/config.nested-example.edn +++ b/config.nested-example.edn @@ -28,6 +28,12 @@ :workers {:scheduler {:start product-ns.jobs/start-scheduled-jobs! :stop product-ns.jobs/stop-scheduled-jobs!}} + ;; cors + :cors-headers {"Access-Control-Allow-Origin" "https://example.com" + "Access-Control-Allow-Methods" "GET, POST, PUT, DELETE" + "Access-Control-Allow-Headers" "Content-Type, Authorization" + "Access-Control-Allow-Credentials" "true"} + ;; response :response-type :json} ; :edn or :transit diff --git a/src/triangulum/config_namespaced_spec.clj b/src/triangulum/config_namespaced_spec.clj index 9501417..05161eb 100644 --- a/src/triangulum/config_namespaced_spec.clj +++ b/src/triangulum/config_namespaced_spec.clj @@ -39,6 +39,7 @@ :triangulum.handler/bad-tokens :triangulum.handler/upload-max-size-mb :triangulum.handler/upload-max-file-count + :triangulum.handler/cors-headers :triangulum.worker/workers :triangulum.response/response-type]))) diff --git a/src/triangulum/config_nested_spec.clj b/src/triangulum/config_nested_spec.clj index ca8920c..8ae8050 100644 --- a/src/triangulum/config_nested_spec.clj +++ b/src/triangulum/config_nested_spec.clj @@ -25,6 +25,7 @@ :triangulum.handler/private-response-keys :triangulum.handler/upload-max-size-mb :triangulum.handler/upload-max-file-count + :triangulum.handler/cors-headers :triangulum.worker/workers :triangulum.response/response-type])) diff --git a/src/triangulum/handler.clj b/src/triangulum/handler.clj index 38be164..cb8de90 100644 --- a/src/triangulum/handler.clj +++ b/src/triangulum/handler.clj @@ -182,6 +182,21 @@ (cookie-store {:key (-> (random-string 16) (string-to-bytes))})) +(defn wrap-cors-routes + "Adds CORS headers for specific routes" + [handler] + (fn [{:keys [uri headers] :as request}] + (let [cors-config (get-config :handler :cors-headers) + routes (->> (get-config :triangulum.handler/routing-tables) + (map (comp deref resolve-foreign-symbol)) + (apply merge)) + route (some (fn [[key value]] + (when (= (second key) uri) + {key value})) routes)] + (if (get-in route [1 :cors]) + (handler (assoc request :headers (merge headers cors-config))) + (handler request))))) + ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; Upload Configuration ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -248,6 +263,7 @@ (wrap-content-type-options :nosniff) wrap-response-logging wrap-gzip + wrap-cors-routes wrap-exceptions (optional-middleware wrap-reload reload?)))