[task scheduler] Add CORS middleware to twirp endpoints
Change-Id: I300c5ff584b80a6915611cca5da014f89841dfa9
Reviewed-on: https://skia-review.googlesource.com/c/buildbot/+/372581
Reviewed-by: Eric Boren <borenet@google.com>
Commit-Queue: Ravi Mistry <rmistry@google.com>
diff --git a/go.mod b/go.mod
index d6519c0..ab15210 100644
--- a/go.mod
+++ b/go.mod
@@ -147,6 +147,7 @@
github.com/pmezard/go-difflib v1.0.0
github.com/prometheus/client_golang v1.8.0
github.com/robertkrimen/otto v0.0.0-20200922221731-ef014fd054ac // indirect
+ github.com/rs/cors v1.6.0
github.com/russross/blackfriday/v2 v2.0.1
github.com/sergi/go-diff v1.1.0 // indirect
github.com/shopspring/decimal v1.2.0 // indirect
diff --git a/go.sum b/go.sum
index 338eeb0..ad92936 100644
--- a/go.sum
+++ b/go.sum
@@ -1180,6 +1180,7 @@
github.com/robertkrimen/otto v0.0.0-20200922221731-ef014fd054ac/go.mod h1:xvqspoSXJTIpemEonrMDFq6XzwHYYgToXWj5eRX1OtY=
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/rs/cors v1.6.0 h1:G9tHG9lebljV9mfp9SNPDL36nCDxmo3zTlAf1YgvzmI=
github.com/rs/cors v1.6.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
diff --git a/go/httputils/http.go b/go/httputils/http.go
index a3cb0d7..25a1250 100644
--- a/go/httputils/http.go
+++ b/go/httputils/http.go
@@ -20,6 +20,7 @@
"github.com/cenkalti/backoff"
"github.com/fiorix/go-web/autogzip"
+ "github.com/rs/cors"
"golang.org/x/oauth2"
"go.skia.org/infra/go/metrics2"
@@ -494,6 +495,18 @@
}
}
+// AddCorsMiddleware wraps the specified HTTP handler with a handler that applies the
+// CORS specification on the request, and adds relevant CORS headers as necessary.
+// This is needed for some handlers that do not have this middleware. Eg: the twirp
+// handler (https://github.com/twitchtv/twirp/issues/210).
+func AddCorsMiddleware(handler http.Handler) http.Handler {
+ corsWrapper := cors.New(cors.Options{
+ AllowedOrigins: []string{"*"},
+ Debug: true,
+ })
+ return corsWrapper.Handler(handler)
+}
+
// CorsCredentialsHandler is an HTTPS handler function which adds the necessary header
// for a CORS request using credentials. This allows, for example, status.skia.org to
// make a request to gold.skia.org using the *.skia.org cookie that is shared
diff --git a/task_scheduler/go/task-scheduler-fe/main.go b/task_scheduler/go/task-scheduler-fe/main.go
index 301938d..7df1efc 100644
--- a/task_scheduler/go/task-scheduler-fe/main.go
+++ b/task_scheduler/go/task-scheduler-fe/main.go
@@ -296,7 +296,7 @@
r := mux.NewRouter()
r.HandleFunc("/", httputils.OriginTrial(mainHandler, *local))
r.PathPrefix("/dist/").Handler(http.StripPrefix("/dist/", http.HandlerFunc(httputils.MakeResourceHandler(*resourcesDir))))
- r.PathPrefix(rpc.TaskSchedulerServicePathPrefix).HandlerFunc(httputils.CorsHandler(srv.ServeHTTP))
+ r.PathPrefix(rpc.TaskSchedulerServicePathPrefix).Handler(httputils.AddCorsMiddleware(srv))
r.HandleFunc("/skip_tasks", httputils.OriginTrial(skipTasksHandler, *local))
r.HandleFunc("/job/{id}", httputils.OriginTrial(jobHandler, *local))
r.HandleFunc("/job/{id}/timeline", httputils.OriginTrial(jobTimelineHandler, *local))
