Allow CORS to GitHub raw

Signed-off-by: Alex Ellis <alexellis2@gmail.com>

gateway/handlers/cors.go

@@ -0,0 +1,24 @@
+package handlers
+
+import "net/http"
+
+type CorsHandler struct {
+	Upstream    *http.Handler
+	AllowedHost string
+}
+
+func (c CorsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	// https://raw.githubusercontent.com/openfaas/store/master/store.json
+	w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
+	w.Header().Set("Access-Control-Allow-Methods", "GET")
+	w.Header().Set("Access-Control-Allow-Origin", c.AllowedHost)
+
+	(*c.Upstream).ServeHTTP(w, r)
+}
+
+func DecorateWithCORS(upstream http.Handler, allowedHost string) http.Handler {
+	return CorsHandler{
+		Upstream:    &upstream,
+		AllowedHost: allowedHost,
+	}
+}

gateway/server.go

@@ -143,7 +143,12 @@ func main() {
 	}
 
 	fs := http.FileServer(http.Dir("./assets/"))
-	r.PathPrefix("/ui/").Handler(http.StripPrefix("/ui", fs)).Methods("GET")
+
+	// This URL allows access from the UI to the OpenFaaS store
+	allowedCORSHost := "raw.githubusercontent.com"
+	fsCORS := internalHandlers.DecorateWithCORS(fs, allowedCORSHost)
+
+	r.PathPrefix("/ui/").Handler(http.StripPrefix("/ui", fsCORS)).Methods("GET")
 
 	r.HandleFunc("/", faasHandlers.RoutelessProxy).Methods("POST")