From 93726523a831f3abcfbff5235682980a0c68aeaf Mon Sep 17 00:00:00 2001
From: Jerven bolleman <jerven.bolleman@sib.swiss>
Date: Fri, 6 Sep 2019 06:46:14 +0200
Subject: [PATCH] To make it easier to develop JS webapps against sparql-proxy
 we set the CORS header to '*'. There is a cors config to turn it off

---
 src/server.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/server.js b/src/server.js
index 5d9a947..873af8c 100644
--- a/src/server.js
+++ b/src/server.js
@@ -38,6 +38,7 @@ const config = Object.freeze({
   port:                  Number(process.env.PORT || 3000),
   queryLogPath:          process.env.QUERY_LOG_PATH,
   trustProxy:            process.env.TRUST_PROXY || 'false',
+  cors:                  process.env.ALLOW_CORS || 'true',
 });
 
 const secret = `${config.adminUser}:${config.adminPassword}`;
@@ -184,6 +185,9 @@ async function executeQuery(req, res) {
 
     res.header('Content-Type', result.contentType);
     res.header('X-Cache', result.cached ? 'hit' : 'miss');
+    if (config.cors) {
+        res.header('Access-Control-Allow-Origin', '*');
+    } 
     res.send(result.body);
     log({
       query,