allow credentials (lavanet#1143)

protocol/chainlib/common.go

@@ -295,6 +295,8 @@ func createAndSetupBaseAppListener(cmdFlags common.ConsumerCmdFlags) *fiber.App
 			c.Set("Access-Control-Allow-Methods", cmdFlags.MethodsFlag)
 			// allow headers
 			c.Set("Access-Control-Allow-Headers", cmdFlags.HeadersFlag)
+			// allow credentials
+			c.Set("Access-Control-Allow-Credentials", cmdFlags.CredentialsFlag)
 			// Cache preflight request for 24 hours (in seconds)
 			c.Set("Access-Control-Max-Age", cmdFlags.CDNCacheDuration)
 			return c.SendStatus(fiber.StatusNoContent)

protocol/chainlib/grpcproxy/grpcproxy.go

@@ -28,6 +28,7 @@ func NewGRPCProxy(cb ProxyCallBack, healthCheckPath string, cmdFlags common.Cons
 		if req.Method == http.MethodOptions {
 			resp.Header().Set("Access-Control-Allow-Methods", cmdFlags.MethodsFlag)
 			resp.Header().Set("Access-Control-Allow-Headers", cmdFlags.HeadersFlag)
+			resp.Header().Set("Access-Control-Allow-Credentials", cmdFlags.CredentialsFlag)
 			resp.Header().Set("Access-Control-Max-Age", cmdFlags.CDNCacheDuration)
 			resp.WriteHeader(fiber.StatusNoContent)
 			_, _ = resp.Write(make([]byte, 0))

protocol/common/cobra_common.go

@@ -19,6 +19,7 @@ const (
 	ProcessStartLogText = "Process Started"
 	// cors related flags
 	CorsHeadersFlag      = "cors-headers"       // comma separated list of headers, or * for all, default simple cors specification headers
+	CorsCredentialsFlag  = "cors-credentials"   // comma separated list of headers, or * for all, default simple cors specification headers
 	CorsOriginFlag       = "cors-origin"        // comma separated list of origins, or * for all, default enabled completely
 	CorsMethodsFlag      = "cors-methods"       // comma separated list of methods, default "GET,POST,PUT,DELETE,OPTIONS"
 	CDNCacheDurationFlag = "cdn-cache-duration" // how long to cache the preflight response default 24 hours (in seconds) "86400"
@@ -36,6 +37,7 @@ const (
 // helper struct to propagate flags deeper into the code in an organized manner
 type ConsumerCmdFlags struct {
 	HeadersFlag      string // comma separated list of headers, or * for all, default simple cors specification headers
+	CredentialsFlag  string // access-control-allow-credentials, defaults to "true"
 	OriginFlag       string // comma separated list of origins, or * for all, default enabled completely
 	MethodsFlag      string // whether to allow access control headers *, most proxies have their own access control so its not required
 	CDNCacheDuration string // how long to cache the preflight response defaults 24 hours (in seconds) "86400"

protocol/rpcconsumer/rpcconsumer.go

@@ -482,6 +482,7 @@ rpcconsumer consumer_examples/full_consumer_example.yml --cache-be "127.0.0.1:77
 
 			consumerPropagatedFlags := common.ConsumerCmdFlags{
 				HeadersFlag:      viper.GetString(common.CorsHeadersFlag),
+				CredentialsFlag:  viper.GetString(common.CorsCredentialsFlag),
 				OriginFlag:       viper.GetString(common.CorsOriginFlag),
 				MethodsFlag:      viper.GetString(common.CorsMethodsFlag),
 				CDNCacheDuration: viper.GetString(common.CDNCacheDurationFlag),
@@ -509,6 +510,7 @@ rpcconsumer consumer_examples/full_consumer_example.yml --cache-be "127.0.0.1:77
 	cmdRPCConsumer.Flags().String(metrics.RelayServerFlagName, metrics.DisabledFlagOption, "the http address of the relay usage server api endpoint (example http://127.0.0.1:8080)")
 	cmdRPCConsumer.Flags().BoolVar(&DebugRelaysFlag, DebugRelaysFlagName, false, "adding debug information to relays")
 	// CORS related flags
+	cmdRPCConsumer.Flags().String(common.CorsCredentialsFlag, "true", "Set up CORS allowed credentials,default \"true\"")
 	cmdRPCConsumer.Flags().String(common.CorsHeadersFlag, "", "Set up CORS allowed headers, * for all, default simple cors specification headers")
 	cmdRPCConsumer.Flags().String(common.CorsOriginFlag, "*", "Set up CORS allowed origin, enabled * by default")
 	cmdRPCConsumer.Flags().String(common.CorsMethodsFlag, "GET,POST,PUT,DELETE,OPTIONS", "set up Allowed OPTIONS methods, defaults to: \"GET,POST,PUT,DELETE,OPTIONS\"")