diff --git a/src/main/java/io/kamax/mxisd/HttpMxisd.java b/src/main/java/io/kamax/mxisd/HttpMxisd.java index 7ecb054..61ef6fb 100644 --- a/src/main/java/io/kamax/mxisd/HttpMxisd.java +++ b/src/main/java/io/kamax/mxisd/HttpMxisd.java @@ -21,6 +21,7 @@ package io.kamax.mxisd; import io.kamax.mxisd.config.MxisdConfig; +import io.kamax.mxisd.http.undertow.handler.OptionsHandler; import io.kamax.mxisd.http.undertow.handler.SaneHandler; import io.kamax.mxisd.http.undertow.handler.as.v1.AsNotFoundHandler; import io.kamax.mxisd.http.undertow.handler.as.v1.AsTransactionHandler; @@ -59,6 +60,8 @@ public class HttpMxisd { httpSrv = Undertow.builder().addHttpListener(m.getConfig().getServer().getPort(), "0.0.0.0").setHandler(Handlers.routing() + .add("OPTIONS", "/**", SaneHandler.around(new OptionsHandler())) + // Status endpoints .get(StatusHandler.Path, SaneHandler.around(new StatusHandler())) diff --git a/src/main/java/io/kamax/mxisd/http/undertow/handler/OptionsHandler.java b/src/main/java/io/kamax/mxisd/http/undertow/handler/OptionsHandler.java new file mode 100644 index 0000000..cef88ad --- /dev/null +++ b/src/main/java/io/kamax/mxisd/http/undertow/handler/OptionsHandler.java @@ -0,0 +1,32 @@ +/* + * mxisd - Matrix Identity Server Daemon + * Copyright (C) 2019 Kamax Sarl + * + * https://www.kamax.io/ + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +package io.kamax.mxisd.http.undertow.handler; + +import io.undertow.server.HttpServerExchange; + +public class OptionsHandler extends BasicHttpHandler { + + @Override + public void handleRequest(HttpServerExchange exchange) { + // no-op + } + +} diff --git a/src/main/java/io/kamax/mxisd/http/undertow/handler/SaneHandler.java b/src/main/java/io/kamax/mxisd/http/undertow/handler/SaneHandler.java index d254077..e4cc8a1 100644 --- a/src/main/java/io/kamax/mxisd/http/undertow/handler/SaneHandler.java +++ b/src/main/java/io/kamax/mxisd/http/undertow/handler/SaneHandler.java @@ -27,6 +27,7 @@ import io.kamax.matrix.json.InvalidJsonException; import io.kamax.mxisd.exception.*; import io.undertow.server.HttpHandler; import io.undertow.server.HttpServerExchange; +import io.undertow.util.HttpString; import org.apache.commons.lang.StringUtils; import org.apache.http.HttpStatus; import org.slf4j.Logger; @@ -56,6 +57,11 @@ public class SaneHandler extends BasicHttpHandler { exchange.dispatch(this); } else { try { + // CORS headers as per spec + exchange.getResponseHeaders().put(HttpString.tryFromString("Access-Control-Allow-Origin"), "*"); + exchange.getResponseHeaders().put(HttpString.tryFromString("Access-Control-Allow-Methods"), "GET, POST, PUT, DELETE, OPTIONS"); + exchange.getResponseHeaders().put(HttpString.tryFromString("Access-Control-Allow-Headers"), "Origin, X-Requested-With, Content-Type, Accept, Authorization"); + child.handleRequest(exchange); } catch (IllegalArgumentException e) { respond(exchange, HttpStatus.SC_BAD_REQUEST, GsonUtil.makeObj("error", e.getMessage()));