Add CORS to CTA

packages/compose-tunnel-agent/src/http/api-server.ts

@@ -23,8 +23,11 @@ const createApiServerHandler = ({ log, currentSshState, machineStatus, envMetada
     return
   }
 
-  if (req.method === 'GET' && path === '/machine-status' && machineStatus) {
+  if ((req.method === 'GET' || req.method === 'OPTIONS') && path === '/machine-status' && machineStatus) {
     const { data, contentType } = await machineStatus()
+    res.setHeader('Access-Control-Allow-Origin', '*')
+    res.setHeader('Access-Control-Allow-Methods', 'GET,POST,DELETE,PATCH,PUT')
+    res.setHeader('Access-Control-Allow-Headers', 'Authorization,Content-Type')
     res.setHeader('Content-Type', contentType)
     res.end(data)
     return

packages/compose-tunnel-agent/src/http/docker-proxy/index.ts

@@ -36,6 +36,20 @@ export const createDockerProxyHandlers = (
   })
 
   const handler = tryHandler({ log }, async (req, res) => {
+    if (req.method === 'OPTIONS') {
+      res.setHeader('Access-Control-Allow-Origin', '*')
+      res.setHeader('Access-Control-Allow-Methods', 'GET,POST,DELETE,PATCH,PUT')
+      res.setHeader('Access-Control-Allow-Headers', 'Authorization,Content-Type')
+      res.statusCode = 200
+      res.end()
+      return
+    }
+
+    proxy.on('proxyRes', (_, __, pRes) => {
+      pRes.setHeader('Access-Control-Allow-Origin', '*')
+      pRes.setHeader('Access-Control-Allow-Methods', 'GET,POST,DELETE,PATCH,PUT')
+      pRes.setHeader('Access-Control-Allow-Headers', 'Authorization,Content-Type')
+    })
     proxy.web(req, res)
   })
 

tunnel-server/src/proxy/index.ts

@@ -110,8 +110,7 @@ export const proxy = ({
     const { activeTunnel, path } = found
 
     req.url = path ?? '/'
-
-    if (activeTunnel.access === 'private') {
+    if (activeTunnel.access === 'private' && req.method !== 'OPTIONS') {
       return {
         req: await validatePrivateTunnelRequest(req, activeTunnel, session(activeTunnel.publicKeyThumbprint)),
         activeTunnel,