Fri, 28 Dec 2018 04:38:08 -0500
Allow CORS for /run end-point
scansion/serve.lua | file | annotate | diff | comparison | revisions |
--- a/scansion/serve.lua Fri Dec 28 04:35:51 2018 -0500 +++ b/scansion/serve.lua Fri Dec 28 04:38:08 2018 -0500 @@ -10,6 +10,15 @@ return "Hello world"; end +local function set_cross_domain_headers(response, origin) + local headers = response.headers; + headers.access_control_allow_methods = "GET, POST, OPTIONS"; + headers.access_control_allow_headers = "Content-Type"; + headers.access_control_max_age = "7200"; + headers.access_control_allow_origin = origin; + return response; +end + local function run(config, run_script) function handle_run_request(event) local request, response = event.request, event.response; @@ -33,6 +42,7 @@ response.status_code = 201; response.headers.connection = "close"; response.headers.transfer_encoding = "chunked"; + set_cross_domain_headers(response, config.origin); -- Let browser JS see the response response.conn:send(table.concat(http_server.prepare_header(response))); local ok, ret = pcall(run_script, "web", event.request.body, log);