update: add new env variable for setting cors list

2025-09-11 13:02:16 +07:00
parent 9e794bf53f
commit 41f9835365
2 changed files with 26 additions and 12 deletions
--- a/server/http.go
+++ b/server/http.go
@ -59,9 +59,34 @@ func (w *connResponseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) {
 }

 var redirectTLS = false
+var allowedCors = make(map[string]bool)
+var isAllowedAllCors = false
+
+func init() {
+	corsList := utils.Getenv("cors_list")
+	if corsList == "*" {
+		isAllowedAllCors = true
+	} else {
+		for _, allowedOrigin := range strings.Split(corsList, ",") {
+			allowedCors[allowedOrigin] = true
+		}
+	}
+	fmt.Println(allowedCors)
+}

 func NewHTTPServer() error {
-	upgrader.CheckOrigin = func(r *http.Request) bool { return true }
+	upgrader.CheckOrigin = func(r *http.Request) bool {
+		if isAllowedAllCors {
+			return true
+		} else {
+			isAllowed, ok := allowedCors[r.Host]
+			if !ok || !isAllowed {
+				return false
+			}
+			return true
+		}
+	}
+
 	listener, err := net.Listen("tcp", ":80")
 	if err != nil {
 		return errors.New("Error listening: " + err.Error())
@ -97,16 +122,10 @@ func Handler(conn net.Conn) {
 	host := strings.Split(parseHostFromHeader(headers), ".")
 	if len(host) < 1 {
 		conn.Write([]byte("HTTP/1.1 400 Bad Request\r\n\r\n"))
-		log.Println("Bad Request")
 		conn.Close()
 		return
 	}

-	if len(host) < 1 {
-		conn.Write([]byte("HTTP/1.1 400 Bad Request\r\n\r\n"))
-		conn.Close()
-		return
-	}
 	slug := host[0]

 	if redirectTLS {
--- a/server/https.go
+++ b/server/https.go
@ -59,11 +59,6 @@ func HandlerTLS(conn net.Conn) {
 		return
 	}

-	if len(host) < 1 {
-		conn.Write([]byte("HTTP/1.1 400 Bad Request\r\n\r\n"))
-		conn.Close()
-		return
-	}
 	slug := host[0]

 	if slug == "ping" {