Apply simple CORS rules with Network.Wai CORS middleware.

A POST to the charge endpoint is not actually a simple request according to the CORS spec but this demonstrates that the CORS middleware at least fits in place. The next step is to replace simpleCors with a policy that's compatible with use of our endpoint.

Apply simple CORS rules with Network.Wai CORS middleware.
ad05b33c · Jean-Paul Calderone · caab7d1f · ad05b33c · ad05b33c
Commit ad05b33c authored 5 years ago by Jean-Paul Calderone
--- a/PaymentServer.cabal
+++ b/PaymentServer.cabal
@@ -30,6 +30,7 @@ library
                     , servant-server
                     , wai
                     , wai-extra
+                     , wai-cors
                     , data-default
                     , warp
                     , warp-tls

--- a/src/PaymentServer/Server.hs
+++ b/src/PaymentServer/Server.hs
@@ -7,6 +7,9 @@ module PaymentServer.Server
  ( paymentServerApp
  ) where

+import Network.Wai.Middleware.Cors
+  ( simpleCors
+  )
 import Servant
  ( Proxy(Proxy)
  , Server
@@ -48,4 +51,9 @@ paymentServerAPI = Proxy
 -- | Create a Servant Application which serves the payment server API using
 -- the given database.
 paymentServerApp :: VoucherDatabase d => StripeSecretKey -> Issuer -> d -> Application
-paymentServerApp key issuer = serve paymentServerAPI . paymentServer key issuer
+paymentServerApp key issuer =
+  let
+    app = serve paymentServerAPI . paymentServer key issuer
+    cors = simpleCors
+  in
+    cors . app