From 4b409f77777f3597cae78ad80d0110472bdb2d9c Mon Sep 17 00:00:00 2001
From: Andrew Stewart <andrew@stwrt.ca>
Date: Tue, 8 Apr 2014 10:58:58 -0700
Subject: [PATCH] Add CORS param for API config

---
 lib/api.js               |  5 +++++
 lib/cylon.js             |  7 +++++--
 test/specs/cylon.spec.js | 13 ++++++++++++-
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/lib/api.js b/lib/api.js
index 6b6c4fb..41bd376 100644
--- a/lib/api.js
+++ b/lib/api.js
@@ -54,6 +54,11 @@ namespace("Cylon", function() {
       this.server.use(express.urlencoded());
       this.server.use(express["static"](__dirname + "/../node_modules/robeaux/"));
 
+      this.server.use(function(req, res, next) {
+        res.setHeader("Access-Control-Allow-Origin", opts.CORS || "*");
+        next();
+      });
+
       this.server.get("/*", function(req, res, next) {
         res.set('Content-Type', 'application/json');
         return next();
diff --git a/lib/cylon.js b/lib/cylon.js
index 766e5f9..930e9a6 100644
--- a/lib/cylon.js
+++ b/lib/cylon.js
@@ -48,7 +48,8 @@ var Cylon = (function() {
         port: '3000',
         cert: null,
         key: null,
-        auth: {}
+        auth: {},
+        CORS: null
       };
 
       this.robot = bind(this.robot, this);
@@ -104,6 +105,7 @@ var Cylon = (function() {
           port = opts.port || this.api_config.port,
           auth = opts.auth || this.api_config.auth,
           cert = opts.cert || this.api_config.cert,
+          cors = opts.CORS || this.api_config.CORS,
           key = opts.key || this.api_config.key;
 
       this.api_config = {
@@ -111,7 +113,8 @@ var Cylon = (function() {
         port: port,
         cert: cert,
         key: key,
-        auth: auth
+        auth: auth,
+        CORS: cors
       };
 
       return this.api_config;
diff --git a/test/specs/cylon.spec.js b/test/specs/cylon.spec.js
index 68318f0..133672a 100644
--- a/test/specs/cylon.spec.js
+++ b/test/specs/cylon.spec.js
@@ -48,7 +48,8 @@ describe("Cylon", function() {
         port: '3000',
         cert: null,
         key: null,
-        auth: {}
+        auth: {},
+        CORS: null
       };
 
       // this is the shortest, cheapest way to dup an object in JS.
@@ -113,6 +114,16 @@ describe("Cylon", function() {
         expect(cylon.api_config).to.be.eql(expectedConfig);
       });
     });
+
+    context("specifying CORS restrictions", function() {
+      it("changes the CORS restrictions", function() {
+        var CORS = "https://localhost:4000";
+        expectedConfig.CORS = CORS;
+        cylon.api({ CORS: CORS })
+
+        expect(cylon.api_config).to.be.eql(expectedConfig);
+      });
+    });
   });
 
   describe("#findRobot", function() {