commit fc965fc531d07e0ebd9e22ada45898423ed9c5a6
author Joe Gregorio <jcgregorio@google.com> Tue Aug 13 09:10:07 2019 -0400
committer Skia Commit-Bot <skia-commit-bot@chromium.org> Tue Aug 13 13:30:47 2019 +0000
tree b9e91bc9c815271cea4321b14ec2a9a8237f8014
parent 4e4233725700e56c9d23614fc0a9171b2a52e177

docservek - Fix handling of CORS for localhost.

hasPrefix args were backwards and prefix was wrong for localhost.

Change-Id: Ica997bffd2466d48a65b6bc2dbcfb431e57c4237
Reviewed-on: https://skia-review.googlesource.com/c/buildbot/+/234237
Auto-Submit: Joe Gregorio <jcgregorio@google.com>
Reviewed-by: Ravi Mistry <rmistry@google.com>
Commit-Queue: Ravi Mistry <rmistry@google.com>

go/login/login.go

diff --git a/go/login/login.go b/go/login/login.go
index 54a1f18..670c589 100644
--- a/go/login/login.go
+++ b/go/login/login.go
@@ -608,8 +608,12 @@
 		}
 		if strings.HasSuffix(u.Host, "."+COOKIE_DOMAIN_SKIA_ORG) ||
 			strings.HasSuffix(u.Host, "."+COOKIE_DOMAIN_SKIA_CORP) ||
-			strings.HasPrefix("localhost:", u.Host) {
-			w.Header().Add("Access-Control-Allow-Origin", "https://"+u.Host)
+			strings.HasPrefix(u.Host, "localhost:") {
+			prefix := "https://"
+			if strings.HasPrefix(u.Host, "localhost:") {
+				prefix = "http://"
+			}
+			w.Header().Add("Access-Control-Allow-Origin", prefix+u.Host)
 			w.Header().Add("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
 			w.Header().Add("Access-Control-Allow-Credentials", "true")
 			w.Header().Add("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")