From: Jaroslav Kysela <perex@perex.cz>
Date: Fri, 18 Sep 2015 08:26:59 +0000 (+0200)
Subject: http: add configurable cors origin
X-Git-Tag: v4.2.1~2103
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=198ecc37f7ef8b5af75f82ef8035d49ee8996fbc;p=thirdparty%2Ftvheadend.git

http: add configurable cors origin
---

diff --git a/src/config.c b/src/config.c
index 48f45c5a3..e1f250c21 100644
--- a/src/config.c
+++ b/src/config.c
@@ -1646,6 +1646,7 @@ void config_done ( void )
   free(config.muxconf_path);
   free(config.chicon_path);
   free(config.picon_path);
+  free(config.cors_origin);
   file_unlock(config_lock, config_lock_fd);
 }
 
@@ -1669,6 +1670,38 @@ static void config_class_save(idnode_t *self)
   config_save();
 }
 
+static int
+config_class_cors_origin_set ( void *o, const void *v )
+{
+  const char *s = v;
+  url_t u;
+
+  while (s && *s && *s <= ' ')
+    s++;
+  if (*s == '*') {
+    prop_sbuf[0] = '*';
+    prop_sbuf[1] = '\0';
+  } else {
+    memset(&u, 0, sizeof(u));
+    urlparse(s, &u);
+    if (u.scheme && (!strcmp(u.scheme, "http") || !strcmp(u.scheme, "https")) && u.host) {
+      if (u.port)
+        snprintf(prop_sbuf, PROP_SBUF_LEN, "%s://%s:%d", u.scheme, u.host, u.port);
+      else
+        snprintf(prop_sbuf, PROP_SBUF_LEN, "%s://%s", u.scheme, u.host);
+    } else {
+      prop_sbuf[0] = '\0';
+    }
+    urlreset(&u);
+  }
+  if (strcmp(prop_sbuf, config.cors_origin ?: "")) {
+    free(config.cors_origin);
+    config.cors_origin = strdup(prop_sbuf);
+    return 1;
+  }
+  return 0;
+}
+
 static const void *
 config_class_language_get ( void *o )
 {
@@ -1752,6 +1785,14 @@ const idclass_t config_class = {
       .off    = offsetof(config_t, server_name),
       .group  = 1
     },
+    {
+      .type   = PT_STR,
+      .id     = "cors_origin",
+      .name   = N_("HTTP CORS Origin"),
+      .set    = config_class_cors_origin_set,
+      .off    = offsetof(config_t, cors_origin),
+      .group  = 1
+    },
     {
       .type   = PT_STR,
       .islist = 1,
diff --git a/src/config.h b/src/config.h
index 74ec98e2f..ab15c3703 100644
--- a/src/config.h
+++ b/src/config.h
@@ -40,6 +40,7 @@ typedef struct config {
   int tvhtime_update_enabled;
   int tvhtime_ntp_enabled;
   uint32_t tvhtime_tolerance;
+  char *cors_origin;
 } config_t;
 
 extern const idclass_t config_class;
diff --git a/src/http.c b/src/http.c
index 54df47b2b..d132f1372 100644
--- a/src/http.c
+++ b/src/http.c
@@ -38,6 +38,7 @@
 #include "access.h"
 #include "notify.h"
 #include "channels.h"
+#include "config.h"
 
 #if ENABLE_ANDROID
 #include <sys/socket.h>
@@ -237,9 +238,11 @@ http_send_header(http_connection_t *hc, int rc, const char *content,
 
   if (hc->hc_version != RTSP_VERSION_1_0){
     htsbuf_qprintf(&hdrs, "Server: HTS/tvheadend\r\n");
-    htsbuf_qprintf(&hdrs, "Access-Control-Allow-Origin: *\r\n");
-    htsbuf_qprintf(&hdrs, "Access-Control-Allow-Methods: POST, GET\r\n");
-    htsbuf_qprintf(&hdrs, "Access-Control-Allow-Headers: x-requested-with\r\n");
+    if (config.cors_origin && config.cors_origin[0]) {
+      htsbuf_qprintf(&hdrs, "Access-Control-Allow-Origin: %s\r\n", config.cors_origin);
+      htsbuf_qprintf(&hdrs, "Access-Control-Allow-Methods: POST, GET\r\n");
+      htsbuf_qprintf(&hdrs, "Access-Control-Allow-Headers: x-requested-with\r\n");
+    }
   }
   
   if(maxage == 0) {