diff --git a/keyserver/flow-typed/npm/cors_v2.x.x.js b/keyserver/flow-typed/npm/cors_v2.x.x.js new file mode 100644 --- /dev/null +++ b/keyserver/flow-typed/npm/cors_v2.x.x.js @@ -0,0 +1,26 @@ +// flow-typed signature: 425712a647645fb8847dbd9109337837 +// flow-typed version: c6154227d1/cors_v2.x.x/flow_>=v0.104.x + +// @flow + +type CustomOrigin = ( + requestOrigin: string, + callback: (err: Error | null, allow?: boolean) => void +) => void; + +type CorsOptions = { + origin?: boolean | string | RegExp | string[] | RegExp[] | CustomOrigin, + methods?: string | string[], + allowedHeaders?: string | string[], + exposedHeaders?: string | string[], + credentials?: boolean, + maxAge?: number, + preflightContinue?: boolean, + optionsSuccessStatus?: number, + ... +} + +declare module "cors" { + import type { $Request as Request, $Response as Response, NextFunction } from "express"; + declare module.exports: (options?: CorsOptions) => (req: Request, res: Response, next?: NextFunction) => mixed; +} diff --git a/keyserver/package.json b/keyserver/package.json --- a/keyserver/package.json +++ b/keyserver/package.json @@ -21,6 +21,7 @@ "test": "jest" }, "devDependencies": { + "0x": "^5.7.0", "@babel/cli": "^7.13.14", "@babel/core": "^7.13.14", "@babel/node": "^7.13.13", @@ -41,8 +42,7 @@ "flow-typed": "^3.2.1", "internal-ip": "4.3.0", "jest": "^26.6.3", - "nodemon": "^2.0.4", - "0x": "^5.7.0" + "nodemon": "^2.0.4" }, "dependencies": { "@babel/runtime": "^7.13.10", @@ -54,6 +54,7 @@ "common-tags": "^1.7.2", "compression": "^1.7.4", "cookie-parser": "^1.4.3", + "cors": "^2.8.5", "dateformat": "^3.0.3", "detect-browser": "^4.0.4", "ethers": "^5.7.2", diff --git a/keyserver/src/keyserver.js b/keyserver/src/keyserver.js --- a/keyserver/src/keyserver.js +++ b/keyserver/src/keyserver.js 
@@ -4,6 +4,7 @@ import cluster from 'cluster'; import compression from 'compression'; import cookieParser from 'cookie-parser'; +import cors from 'cors'; import crypto from 'crypto'; import express from 'express'; import expressWs from 'express-ws'; @@ -55,13 +56,19 @@ const squadCalBaseRoutePath = getSquadCalURLFacts()?.baseRoutePath; const landingBaseRoutePath = getLandingURLFacts()?.baseRoutePath; - const commAppBaseRoutePath = getCommAppURLFacts()?.baseRoutePath; + const commAppURLFacts = getCommAppURLFacts(); + const commAppBaseRoutePath = commAppURLFacts?.baseRoutePath; const compiledFolderOptions = process.env.NODE_ENV === 'development' ? undefined : { maxAge: '1y', immutable: true }; + const corsOptions = { + origin: commAppURLFacts?.baseDomain ?? 'https://web.comm.app', + methods: ['GET', 'POST'], + }; + const isCPUProfilingEnabled = process.env.KEYSERVER_CPU_PROFILING_ENABLED; const areEndpointMetricsEnabled = process.env.KEYSERVER_ENDPOINT_METRICS_ENABLED; @@ -131,6 +138,9 @@ if (areEndpointMetricsEnabled) { router.use(logEndpointMetrics); } + if (corsOptions) { + router.use(cors(corsOptions)); + } router.use('/images', express.static('images')); router.use('/fonts', express.static('fonts')); router.use('/misc', express.static('misc')); diff --git a/keyserver/src/uploads/uploads.js b/keyserver/src/uploads/uploads.js --- a/keyserver/src/uploads/uploads.js +++ b/keyserver/src/uploads/uploads.js @@ -172,12 +172,6 @@ const { content, mime } = await fetchUpload(viewer, uploadID, secret); res.type(mime); res.set('Cache-Control', 'public, max-age=31557600, immutable'); - if (process.env.NODE_ENV === 'development') { - // Add a CORS header to allow local development using localhost - const port = process.env.PORT || '3000'; - res.set('Access-Control-Allow-Origin', `http://localhost:${port}`); - res.set('Access-Control-Allow-Methods', 'GET'); - } res.send(content); } else { const totalUploadSize = await getUploadSize(uploadID, secret); 
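Review bot: The `origin` entry in `corsOptions` takes `commAppURLFacts?.baseDomain` as-is and falls back to the production origin `'https://web.comm.app'`, and neither choice is explained in the code. With a string `origin`, the `cors` middleware echoes that exact string as `Access-Control-Allow-Origin`, so `baseDomain` must be a bare origin (scheme, host, optional port, no path or trailing slash) to match a browser's `Origin` header; its shape is not visible in this hunk. A keyserver with no URL facts configured will let the production web app read its responses, and local development will presumably stop working unless `baseDomain` is the localhost origin that the removed `uploads.js` code used to send. I would add a comment above the object such as `// Only the web app origin may read responses cross-origin; defaults to production when URL facts are unset`. The enclosing function starts and ends outside the hunk.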
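Review bot: The guard `if (corsOptions)` in the router setup is always true, because `corsOptions` is assigned an object literal unconditionally in the previous hunk, so the middleware is installed for every router route in every environment. Either drop the condition and write `router.use(cors(corsOptions));`, or make `corsOptions` genuinely optional (for example, only defined when `commAppURLFacts` is present) so that the check carries meaning. The headers this replaces were development-only, limited to the upload download handler, and advertised `GET` alone, so a one-line comment noting that `GET` and `POST` are now advertised router-wide would help the next reader. CORS only controls what a browser lets a page read, so the routes behind this middleware still depend on their own authentication checks. The enclosing function begins and ends outside the hunk.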
@@ -207,12 +201,6 @@ 'Content-Type': mime, 'Content-Length': respWidth.toString(), }; - if (process.env.NODE_ENV === 'development') { - // Add a CORS header to allow local development using localhost - const port = process.env.PORT || '3000'; - respHeaders['Access-Control-Allow-Origin'] = `http://localhost:${port}`; - respHeaders['Access-Control-Allow-Methods'] = 'GET'; - } // HTTP 206 Partial Content // https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/206 diff --git a/yarn.lock b/yarn.lock --- a/yarn.lock +++ b/yarn.lock @@ -13296,9 +13296,9 @@ integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA== globals@^13.20.0, globals@^13.6.0, globals@^13.9.0: - version "13.21.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-13.21.0.tgz#163aae12f34ef502f5153cfbdd3600f36c63c571" - integrity sha512-ybyme3s4yy/t/3s35bewwXKOf7cvzfreG2lH0lZl0JB7I4GxRP2ghxOK/Nb9EkRXdbBXZLfq/p/0W2JUONB/Gg== + version "13.22.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-13.22.0.tgz#0c9fcb9c48a2494fbb5edbfee644285543eba9d8" + integrity sha512-H1Ddc/PbZHTDVJSnj8kWptIRSD6AM3pK+mKytuIVF4uoBV7rshFlhhvA58ceJ5wp3Er58w6zj7bykMpYXt3ETw== dependencies: type-fest "^0.20.2"