support cors

Author: assafmo

main.js

@@ -4,11 +4,13 @@ const flags = require("flags");
 flags.defineString("db", "", "DB File path");
 flags.defineBoolean("readonly", false, "Open the database for readonly");
 flags.defineNumber("port", 2048, "TCP Port to listen on");
+flags.defineMultiString("cors", [], "CORS URLs to allow requests from");
 flags.parse();
 
 console.log("db", "=", flags.get("db"));
 console.log("readonly", "=", flags.get("readonly"));
 console.log("port", "=", flags.get("port"));
+console.log("cors", "=", flags.get("cors").join(", ") || "false");
 
 const Database = require("better-sqlite3");
 
@@ -19,14 +21,30 @@ const app = express();
 app.use(require("compression")());
 app.use(bodyParser.urlencoded({ extended: false, limit: "1mb" }));
 app.use(bodyParser.json({ limit: "1mb" }));
-app.use(function(req, res, next) {
+app.use(function (req, res, next) {
   req.connection.setTimeout(2 * 60 * 1000); // 2 minutes
   res.connection.setTimeout(2 * 60 * 1000); // 2 minutes
   next();
 });
 
+if (flags.get("cors").length > 0) {
+  const cors = require("cors");
+  const corsWhitelist = new Set(flags.get("cors"));
+  const corsOptions = {
+    origin: function (origin, callback) {
+      //https://www.w3.org/TR/cors/#access-control-allow-origin-response-header
+      if (!origin || corsWhitelist.has(origin) || corsWhitelist.has("*")) {
+        return callback(null, true);
+      }
+
+      callback(new Error("Not allowed by CORS"));
+    },
+  };
+  app.use(cors(corsOptions));
+}
+
 function getSqlExecutor(httpRequestFieldName) {
-  return function(req, res) {
+  return function (req, res) {
     const sql = req[httpRequestFieldName].sql;
     if (!sql) {
       return res.send([]);

package.json

@@ -10,6 +10,7 @@
     "better-sqlite3": "^6.0.1",
     "body-parser": "^1.19.0",
     "compression": "^1.7.4",
+    "cors": "^2.8.5",
     "express": "^4.17.1",
     "flags": "^0.1.3"
   },

yarn.lock

@@ -165,6 +165,14 @@ core-util-is@~1.0.0:
   resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
   integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=
 
+cors@^2.8.5:
+  version "2.8.5"
+  resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.5.tgz#eac11da51592dd86b9f06f6e7ac293b3df875d29"
+  integrity sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==
+  dependencies:
+    object-assign "^4"
+    vary "^1"
+
 debug@2.6.9:
   version "2.6.9"
   resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f"
@@ -536,7 +544,7 @@ number-is-nan@^1.0.0:
   resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d"
   integrity sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=
 
-object-assign@^4.1.0:
+object-assign@^4, object-assign@^4.1.0:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863"
   integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=
@@ -866,7 +874,7 @@ utils-merge@1.0.1:
   resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713"
   integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=
 
-vary@~1.1.2:
+vary@^1, vary@~1.1.2:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc"
   integrity sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=