diff --git a/doc/chilli.conf b/doc/chilli.conf index 37a1c7ed..644d6ae3 100644 --- a/doc/chilli.conf +++ b/doc/chilli.conf @@ -216,6 +216,12 @@ uamserver https://www.spotcove.net # Do not uncomment this tag unless you are an experienced user! #uamport 3990 +# TAG: alloworigin +# Add header Access-Control-Allow-Origin on json interface for enable +# cross-origin HTTP requests. +# +#alloworigin "*" + # TAG: uamallowed # Comma separated list of domain names, IP addresses or network segments # the client can access without first authenticating. diff --git a/doc/chilli.conf.5.in b/doc/chilli.conf.5.in index 48e991ed..fa41fb89 100644 --- a/doc/chilli.conf.5.in +++ b/doc/chilli.conf.5.in @@ -642,6 +642,11 @@ IP address. .BI uamuiport " port" TCP port to bind to for only serving embedded content. +.TP +.BI alloworigin " origin" +Add header Access-Control-Allow-Origin on json interface for enable +cross-origin HTTP requests (default *) + .TP .BI uamallowed " domain" Comma separated list of resources the client can access without first diff --git a/src/cmdline.ggo b/src/cmdline.ggo index 77f6d07f..4cb691c8 100644 --- a/src/cmdline.ggo +++ b/src/cmdline.ggo @@ -153,6 +153,7 @@ option "uamlogoutip" - "HTTP Auto-Logout IP Address" string default="1.0.0.0" n option "uamaliasip" - "Special IP Address aliased (redirect) to uamlisten/uamport" string default="1.0.0.1" no option "uamaliasname" - "Special simple hostname (no dots) to be resolved to uamaliasip" string no option "uamhostname" - "Special simple hostname (no dots) to be resolved to uamlisten" string no +option "alloworigin" - "Allow cross-origin HTTP requests on json interface" string argoptional default="*" no option "authedallowed" - "Resources exempt from session limitations" string no multiple option "uamauthedallowed" - "Use uamallowed as resources exempt from session limitations" flag off diff --git a/src/main-opt.c b/src/main-opt.c index 4719f97b..64aa2424 100644 --- a/src/main-opt.c +++ b/src/main-opt.c @@ -1398,6 +1398,15 @@ int main(int argc, char **argv) { _options.usestatusfile = STRDUP(args_info.usestatusfile_arg); _options.uamaliasname = STRDUP(args_info.uamaliasname_arg); _options.uamhostname = STRDUP(args_info.uamhostname_arg); + + if (args_info.alloworigin_given) +#ifdef ENABLE_JSON + _options.alloworigin = STRDUP(args_info.alloworigin_arg); +#endif +#if(_debug_ && !defined(ENABLE_JSON)) + syslog(LOG_WARNING, "JSON not implemented. build with --enable-json"); +#endif + _options.binconfig = STRDUP(args_info.bin_arg); _options.ethers = STRDUP(args_info.ethers_arg); #ifdef ENABLE_IEEE8021Q diff --git a/src/options.c b/src/options.c index eef2171c..d06477c2 100644 --- a/src/options.c +++ b/src/options.c @@ -361,6 +361,10 @@ int options_fromfd(int fd, bstring bt) { if (!option_s_l(bt, &o.uamaliasname)) return 0; if (!option_s_l(bt, &o.uamhostname)) return 0; +#ifdef ENABLE_JSON + if (!option_s_l(bt, &o.alloworigin)) return 0; +#endif + #ifdef ENABLE_REDIRINJECT if (!option_s_l(bt, &o.inject)) return 0; if (!option_s_l(bt, &o.inject_ext)) return 0; @@ -561,6 +565,10 @@ int options_save(char *file, bstring bt) { if (!option_s_s(bt, &o.uamaliasname)) return 0; if (!option_s_s(bt, &o.uamhostname)) return 0; +#ifdef ENABLE_JSON + if (!option_s_s(bt, &o.alloworigin)) return 0; +#endif + #ifdef ENABLE_REDIRINJECT if (!option_s_s(bt, &o.inject)) return 0; if (!option_s_s(bt, &o.inject_ext)) return 0; diff --git a/src/options.h b/src/options.h index af78e90d..b8897dc1 100644 --- a/src/options.h +++ b/src/options.h @@ -181,6 +181,10 @@ struct options_t { char *uamaliasname; /* Simple hostname (no dots) DNS name for uamalias */ char *uamhostname; /* Simple hostname (no dots) DNS name for uamlisten */ +#ifdef ENABLE_JSON + char *alloworigin; +#endif + #ifdef ENABLE_FORCEDNS struct in_addr forcedns1_addr; /* IP address to force DNS to */ struct in_addr forcedns2_addr; /* IP address to force DNS to */ diff --git a/src/redir.c b/src/redir.c index 01b6dd01..2f665d0e 100644 --- a/src/redir.c +++ b/src/redir.c @@ -1403,6 +1403,16 @@ static int redir_json_reply(struct redir_t *redir, int res, struct redir_conn_t bassignformat(tmp , "%d", blength(json)); bconcat(s, tmp); + if (_options.alloworigin) { + if (!strncmp(_options.alloworigin, "*", 1)) { + bcatcstr(s, "\r\nAccess-Control-Allow-Origin: *"); + } else { + bassignformat(tmp , "\r\nAccess-Control-Allow-Origin: %s", _options.alloworigin); + bconcat(s, tmp); + bcatcstr(s, "\r\nVary: Origin"); + } + } + bcatcstr(s, "\r\nContent-Type: "); if (tmp->slen) bcatcstr(s, "text/javascript"); else bcatcstr(s, "application/json");