From 19cfaac37720f0a71b6e7270b21b763878fd7aef Mon Sep 17 00:00:00 2001
From: Sam Sussman <sussmansa@gmail.com>
Date: Mon, 24 Jul 2023 10:17:49 -0500
Subject: [PATCH] feat: local cors

---
 packages/@eventual/cli/src/commands/local.ts | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/packages/@eventual/cli/src/commands/local.ts b/packages/@eventual/cli/src/commands/local.ts
index a2e4bab7..b3b0f1d2 100644
--- a/packages/@eventual/cli/src/commands/local.ts
+++ b/packages/@eventual/cli/src/commands/local.ts
@@ -120,6 +120,24 @@ export const local = (yargs: Argv) =>
       });
 
       app.use(express.json({ strict: false, limit: maxBodySize }));
+      // CORS for local
+      app.use((req, res, next) => {
+        next();
+
+        const headers = res.getHeaders();
+        if (!headers["Access-Control-Allow-Origin"]) {
+          res.header("Access-Control-Allow-Origin", req.headers.origin ?? "*");
+        }
+        if (!headers["Access-Control-Allow-Methods"]) {
+          res.header("Access-Control-Allow-Methods", "*");
+        }
+        if (!headers["Access-Control-Allow-Headers"]) {
+          res.header("Access-Control-Allow-Headers", "*");
+        }
+        if (!headers["Access-Control-Allow-Credentials"]) {
+          res.header("Access-Control-Allow-Credentials", "true");
+        }
+      });
 
       // open up all of the user and service commands to the service.
       app.all("/*", async (req, res) => {