From 731f03829cc7f4a29753a5a80156b22166233bcf Mon Sep 17 00:00:00 2001
From: "Kevin (Kun) \"Kassimo\" Qian" <kevinkassimo@gmail.com>
Date: Sun, 23 Dec 2018 22:50:49 -0500
Subject: [PATCH] Add CORS option to file_server (#45)

---
 net/file_server.ts      | 28 ++++++++++++++++++++++++++--
 net/file_server_test.ts |  6 ++++++
 test.ts                 |  2 +-
 3 files changed, 33 insertions(+), 3 deletions(-)

diff --git a/net/file_server.ts b/net/file_server.ts
index 9306dbcd5c..3d14934db4 100755
--- a/net/file_server.ts
+++ b/net/file_server.ts
@@ -40,12 +40,22 @@ const dirViewerTemplate = `
 </html>
 `;
 
+const serverArgs = args.slice();
+let CORSEnabled = false;
+// TODO: switch to flags if we later want to add more options
+for (let i = 0; i < serverArgs.length; i++) {
+  if (serverArgs[i] === "--cors") {
+    CORSEnabled = true;
+    serverArgs.splice(i, 1);
+    break;
+  }
+}
 let currentDir = cwd();
-const target = args[1];
+const target = serverArgs[1];
 if (target) {
   currentDir = `${currentDir}/${target}`;
 }
-const addr = `0.0.0.0:${args[2] || 4500}`;
+const addr = `0.0.0.0:${serverArgs[2] || 4500}`;
 const encoder = new TextEncoder();
 
 function modeToString(isDir: boolean, maybeMode: number | null) {
@@ -188,6 +198,17 @@ function serverLog(req: ServerRequest, res: Response) {
   console.log(s);
 }
 
+function setCORS(res: Response) {
+  if (!res.headers) {
+    res.headers = new Headers();
+  }
+  res.headers!.append("access-control-allow-origin", "*");
+  res.headers!.append(
+    "access-control-allow-headers",
+    "Origin, X-Requested-With, Content-Type, Accept, Range"
+  );
+}
+
 listenAndServe(addr, async req => {
   const fileName = req.url.replace(/\/$/, "");
   const filePath = currentDir + fileName;
@@ -206,6 +227,9 @@ listenAndServe(addr, async req => {
   } catch (e) {
     response = await serveFallback(req, e);
   } finally {
+    if (CORSEnabled) {
+      setCORS(response);
+    }
     serverLog(req, response);
     req.respond(response);
   }
diff --git a/net/file_server_test.ts b/net/file_server_test.ts
index a04ced7e5c..b751b1145a 100644
--- a/net/file_server_test.ts
+++ b/net/file_server_test.ts
@@ -23,6 +23,8 @@ export function runTests(serverReadyPromise: Promise<any>) {
   test(async function serveFile() {
     await serverReadyPromise;
     const res = await fetch("http://localhost:4500/.travis.yml");
+    assert(res.headers.has("access-control-allow-origin"));
+    assert(res.headers.has("access-control-allow-headers"));
     const downloadedFile = await res.text();
     const localFile = new TextDecoder().decode(await readFile("./.travis.yml"));
     assertEqual(downloadedFile, localFile);
@@ -32,6 +34,8 @@ export function runTests(serverReadyPromise: Promise<any>) {
   test(async function serveDirectory() {
     await serverReadyPromise;
     const res = await fetch("http://localhost:4500/");
+    assert(res.headers.has("access-control-allow-origin"));
+    assert(res.headers.has("access-control-allow-headers"));
     const page = await res.text();
     assert(page.includes(".travis.yml"));
     maybeCompleteTests();
@@ -40,6 +44,8 @@ export function runTests(serverReadyPromise: Promise<any>) {
   test(async function serveFallback() {
     await serverReadyPromise;
     const res = await fetch("http://localhost:4500/badfile.txt");
+    assert(res.headers.has("access-control-allow-origin"));
+    assert(res.headers.has("access-control-allow-headers"));
     assertEqual(res.status, 404);
     maybeCompleteTests();
   });
diff --git a/test.ts b/test.ts
index 703ce639d6..e2a76f38ff 100755
--- a/test.ts
+++ b/test.ts
@@ -19,7 +19,7 @@ import "logging/test.ts";
 
 // file server test
 const fileServer = run({
-  args: ["deno", "--allow-net", "net/file_server.ts", "."]
+  args: ["deno", "--allow-net", "net/file_server.ts", ".", "--cors"]
 });
 // path test
 import "path/basename_test.ts";