fix CORS headers

.gitignore

@@ -87,6 +87,7 @@ node_modules/**
 !.gitignore
 !version
 !out.jsonl
+!Dockerfile*
 # ...even if they are in subdirectories
 !*/
 /blocklist.json

main.go

@@ -478,6 +478,14 @@ func setProxy(mapping map[string]string) (http.Handler, error) {
 				rp := newSingleHostReverseProxy(u)
 				rp.ErrorLog = log2.New(io.Discard, "", 0)
 				rp.BufferPool = bufPool{}
+				rp.ModifyResponse = func(resp *http.Response) error {
+					// Add CORS headers to all proxied responses
+					resp.Header.Set("Access-Control-Allow-Origin", "*")
+					resp.Header.Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+					resp.Header.Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization, Upgrade, Connection, Sec-WebSocket-Key, Sec-WebSocket-Version, Sec-WebSocket-Protocol, Sec-WebSocket-Extensions")
+					resp.Header.Set("Access-Control-Max-Age", "86400")
+					return nil
+				}
 				mux.Handle(hn+"/", rp)
 				addFaviconHandler(hn, mux)
 				continue
@@ -500,6 +508,14 @@ func setProxy(mapping map[string]string) (http.Handler, error) {
 					return net.DialTimeout(network, ba, 5*time.Second)
 				},
 			},
+			ModifyResponse: func(resp *http.Response) error {
+				// Add CORS headers to all proxied responses
+				resp.Header.Set("Access-Control-Allow-Origin", "*")
+				resp.Header.Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+				resp.Header.Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization, Upgrade, Connection, Sec-WebSocket-Key, Sec-WebSocket-Version, Sec-WebSocket-Protocol, Sec-WebSocket-Extensions")
+				resp.Header.Set("Access-Control-Max-Age", "86400")
+				return nil
+			},
 			ErrorLog:   log2.New(os.Stderr, "reverse", 0),
 			BufferPool: bufPool{},
 		}