From ece257d5f46af703bfd2c6a71af8e1bef772b997 Mon Sep 17 00:00:00 2001
From: "Daniel W. Steinbrook" <dsteinbrook@gmail.com>
Date: Fri, 8 Dec 2023 05:01:29 -0500
Subject: [PATCH] Add CORS headers to Caddyfiles needed for
 https://soundscape-community.github.io/soundscape-web-client/(#76)

---
 svcs/data/caddy/Caddyfile.blue  | 11 +++++++++++
 svcs/data/caddy/Caddyfile.green | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/svcs/data/caddy/Caddyfile.blue b/svcs/data/caddy/Caddyfile.blue
index 58c40dcd..964cd75a 100644
--- a/svcs/data/caddy/Caddyfile.blue
+++ b/svcs/data/caddy/Caddyfile.blue
@@ -5,11 +5,22 @@
 # configuration. The only difference between the two configurations is the port
 # number to forward the request to, 8081 for blue and 8082 for green.
 
+(cors) {
+  @origin{args.0} header Origin {args.0}
+  header @origin{args.0} Access-Control-Allow-Origin "{args.0}"
+  header @origin{args.0} Vary Origin
+}
+
 tiles.soundscape.services {
     reverse_proxy localhost:8081 {
         header_up X-Real-IP {remote_host}
     }
     header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+    header Access-Control-Allow-Methods "GET"
+    header Access-Control-Allow-Headers "*"
+
+    # Allow requests coming from the Soundscape web client hosted on Github
+    import cors https://soundscape-community.github.io
 }
 
 newprod0.openscape.io {
diff --git a/svcs/data/caddy/Caddyfile.green b/svcs/data/caddy/Caddyfile.green
index 3329add9..684c5213 100644
--- a/svcs/data/caddy/Caddyfile.green
+++ b/svcs/data/caddy/Caddyfile.green
@@ -5,11 +5,22 @@
 # configuration. The only difference between the two configurations is the port
 # number to forward the request to, 8081 for blue and 8082 for green.
 
+(cors) {
+  @origin{args.0} header Origin {args.0}
+  header @origin{args.0} Access-Control-Allow-Origin "{args.0}"
+  header @origin{args.0} Vary Origin
+}
+
 tiles.soundscape.services {
     reverse_proxy localhost:8082 {
         header_up X-Real-IP {remote_host}
     }
     header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+    header Access-Control-Allow-Methods "GET"
+    header Access-Control-Allow-Headers "*"
+
+    # Allow requests coming from the Soundscape web client hosted on Github
+    import cors https://soundscape-community.github.io
 }
 
 newprod0.openscape.io {