Merge pull request #4551 from gkrizek/cors

lnd: Add CORS support to the WalletUnlocker proxy
2025-07-12 06:02:51 +02:00 · 2020-08-25 09:31:40 +02:00
parent 7d4547a8e9 3f944dd337
commit fac3c84806
2 changed files with 9 additions and 8 deletions
--- a/rpcserver.go
+++ b/rpcserver.go
@ -833,12 +833,6 @@ func (r *rpcServer) Start() error {
 	// Wrap the default grpc-gateway handler with the WebSocket handler.
 	restHandler := lnrpc.NewWebSocketProxy(restMux, rpcsLog)

-	// Set the CORS headers if configured. This wraps the HTTP handler with
-	// another handler.
-	if len(r.cfg.RestCORS) > 0 {
-		restHandler = allowCORS(restHandler, r.cfg.RestCORS)
-	}
-
 	// With our custom REST proxy mux created, register our main RPC and
 	// give all subservers a chance to register as well.
 	err := lnrpc.RegisterLightningHandlerFromEndpoint(
@ -894,7 +888,8 @@ func (r *rpcServer) Start() error {
 			// through the following chain:
 			// req ---> CORS handler --> WS proxy --->
 			//   REST proxy --> gRPC endpoint
-			err := http.Serve(lis, restHandler)
+			corsHandler := allowCORS(restHandler, r.cfg.RestCORS)
+			err := http.Serve(lis, corsHandler)
 			if err != nil && !lnrpc.IsClosedConnError(err) {
 				rpcsLog.Error(err)
 			}
@ -969,6 +964,12 @@ func allowCORS(handler http.Handler, origins []string) http.Handler {
 	allowMethods := "Access-Control-Allow-Methods"
 	allowOrigin := "Access-Control-Allow-Origin"

+	// If the user didn't supply any origins that means CORS is disabled
+	// and we should return the original handler.
+	if len(origins) == 0 {
+		return handler
+	}
+
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		origin := r.Header.Get("Origin")