init

Author: Dubzer

.gitignore

@@ -0,0 +1,16 @@
+# Generated by Cargo
+# will have compiled files and executables
+debug/
+target/
+
+# Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
+# More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
+Cargo.lock
+
+# These are backup files generated by rustfmt
+**/*.rs.bk
+
+# MSVC Windows builds of rustc generate these, which store debugging information
+*.pdb
+
+.idea

Cargo.toml

@@ -0,0 +1,11 @@
+[package]
+name = "silly-cors"
+version = "0.1.0"
+authors = ["dubzer"]
+repository = "https://github.com/dubzer/silly-cors"
+edition = "2021"
+
+[dependencies]
+hyper = { version = "0.14.21", features = ["full"] }
+hyper-tls = "0.5.0"
+tokio = { version = "1", features = ["full"] }

src/main.rs

@@ -0,0 +1,113 @@
+use std::str::FromStr;
+use hyper::http::HeaderValue;
+use hyper::service::{make_service_fn, service_fn};
+use hyper::{Body, Request, Response, Server, StatusCode, Client, HeaderMap, Method, Uri};
+use hyper::http::uri::{Authority, Scheme};
+use hyper_tls::HttpsConnector;
+
+
+type GenericError = Box<dyn std::error::Error + Send + Sync>;
+type Result<T> = std::result::Result<T, GenericError>;
+
+async fn handle(mut req: Request<Body>) -> Result<Response<Body>> {
+    let Some(destination_header) = req.headers_mut().remove("x-destination") else {
+        return Ok(validation_error("can i hav some of that x-destination header, pwease? 🥺", None));
+    };
+
+    let Some(origin) = req.headers().get("Origin") else {
+        return Ok(validation_error("can i hav some of that origin header, pwease? 🥺", None));
+    };
+
+    let origin = origin.clone();
+
+    let Ok(authority) = Authority::from_str(destination_header.to_str().unwrap()) else {
+        return Ok(validation_error("your x-destination header looks like an invalid domain 🥺", Some(&origin)))
+    };
+
+    let mut uri_parts = req.uri().clone().into_parts();
+    uri_parts.authority = Some(authority);
+    uri_parts.scheme = Some(Scheme::HTTPS);
+
+    *req.headers_mut().get_mut("Host").unwrap() = destination_header;
+    *req.uri_mut() = Uri::from_parts(uri_parts).unwrap();
+
+    let client = Client::builder().build(HttpsConnector::new());
+
+    let client_response = match client.request(req).await {
+        Ok(result) => result,
+        Err(err) => return Ok(validation_error(format!("oops, couldn't connect to destination :(\n{}", err).as_str(), Some(&origin)))
+    };
+    
+    let (mut parts, body) = client_response.into_parts();
+
+    parts.headers.extend(get_default_cors(&origin));
+
+    return Ok(Response::from_parts(parts, body));
+}
+
+async fn handle_options(req: Request<Body>) -> Result<Response<Body>> {
+    let Some(origin) = req.headers().get("origin") else {
+        let response = Response::builder()
+            .status(StatusCode::BAD_REQUEST)
+            .body(Body::empty()).unwrap();
+
+        return Ok(response);
+    };
+
+    let mut response = Response::builder().status(StatusCode::OK);
+
+    let mut headers = get_default_cors(origin);    
+    headers.insert("Access-Control-Allow-Headers", HeaderValue::from_static("*"));
+
+    response.headers_mut().unwrap().extend(headers);
+    return Ok(response.body(Body::empty()).unwrap())
+}
+
+async fn route(req: Request<Body>) -> Result<Response<Body>> {
+    println!("req: {:?}", req);
+    match (req.method(), req.uri().path()) {
+        (&Method::OPTIONS, _) => handle_options(req).await,
+        _ => handle(req).await
+    }
+}
+
+fn validation_error(message: &str, origin: Option<&HeaderValue>) -> Response<Body> {
+    let mut response = Response::builder().status(StatusCode::BAD_REQUEST);
+    if let Some(origin) = origin {
+        let headers = get_default_cors(origin);    
+        response.headers_mut().unwrap().extend(headers);    
+    }
+
+    return response.body(Body::from(message.to_string())).unwrap()
+}
+
+fn get_default_cors(origin: &HeaderValue) -> HeaderMap {
+    let mut cors_headers = HeaderMap::new();
+    cors_headers.insert("Access-Control-Allow-Credentials", HeaderValue::from_static("true"));
+    cors_headers.insert("Access-Control-Allow-Origin", origin.clone());
+    cors_headers.insert("Access-Control-Allow-Methods", HeaderValue::from_static("GET, PUT, POST, DELETE, HEAD, PATCH, OPTIONS"));
+    return cors_headers;
+}
+
+
+#[tokio::main]
+pub async fn main() -> Result<()> {
+    // For every connection, we must make a `Service` to handle all
+    // incoming HTTP requests on said connection.
+    let make_svc = make_service_fn(|_conn| {
+        // This is the `Service` that will handle the connection.
+        // `service_fn` is a helper to convert a function that
+        // returns a Response into a `Service`.
+        async { Ok::<_, GenericError>(service_fn(route)) }
+    });
+
+    let addr = ([127, 0, 0, 1], 3001).into();
+
+    let server = Server::bind(&addr).serve(make_svc);
+
+    println!("Listening on http://{}", addr);
+
+    server.await?;
+
+    Ok(())
+}